CVE-2022-26134

Richard Jones June 3, 2022

Are we safe from this vulnerability if we are accessing Confluence via VPN?  

1 answer

0 votes
Andy Heinzer
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
June 3, 2022

If the Confluence instance cannot be accessed from the general internet, the risk of an exploit/attack originating from there is negated.

However, out of an abundance of caution, the guidance on the Confluence Security Advisory page for CVE-2022-26134 still applies.

Due to the critical nature of this vulnerability and the variety of ways in which instances can be accessed, please work with local network/security team(s) to determine if mitigation is needed.  We still recommend upgrading to a fix version as the long-term fix for this vulnerability.

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events