Geek-Guy.com

Author: Naveen Sunkavalley

Comment on A Warning To Enterprises: It’s Time To Retire On-prem; Migration To Cloud And Modern AppSec Tools Critical To Future Threats, What Do You Think? by Naveen Sunkavalley

CVE-2022-26134 is about as bad as it gets. The vulnerability is easy to scan for and easy to exploit using a single HTTP GET request. We’ve verified that the public exploits released over the weekend enable arbitrary command execution and host takeover against many versions of Confluence, including the latest unpatched version 7.18.0.

The obvious impact of this vulnerability is that public-facing Confluence instances can be easily exploited by attackers to gain a foothold into internal networks. However, the impact extends beyond that. Confluence instances often contain a wealth of user data and business-critical information that is valuable for attackers moving laterally within internal networks. We’ve advised our clients to patch immediately, even if their Confluence instance is not public.