Atlassian Confluence Remote Code Execution Vulnerability (CVE-2022-26134): Vulnerability Analysis and Protection

2022-06-25 07:50:00 Qianli ZLP

1. Vulnerability description

Confluence is professional enterprise knowledge management and collaboration software, commonly used to build enterprise wikis. It supports information sharing among team members, document collaboration, group discussion and information push, and offers convenient editing and site management features. The software is developed and maintained by Atlassian.

On June 3, 2022, the National Information Security Vulnerability Sharing Platform (CNVD) recorded a Confluence remote code execution vulnerability (CNVD-2022-43094, corresponding to CVE-2022-26134). Atlassian Confluence Server and Data Center contain an OGNL injection vulnerability. A malicious attacker can exploit it to inject a malicious OGNL expression on the target Atlassian Confluence Server or Data Center server, leading to remote code execution and WebShell deployment.

Groups such as the Kinsing trojan gang have already been found exploiting this vulnerability to expand their attacks, and an exploit script has been released. Affected organizations should upgrade as soon as possible.

Reference: https://www.cnvd.org.cn/webinfo/show/7756

2. Problem analysis

All unpatched versions are affected. Please upgrade to the following version as soon as possible:

  • 7.4.17
Copyright notice
This article was written by [Qianli ZLP]. Please include a link to the original when reposting. Thank you.
https://yzsam.com/2022/176/202206250552112990.html