CVE-2022-26134

GPTKB entity

Statements (30)
Predicate Object
gptkbp:instanceOf gptkb:security
gptkbp:access No
gptkbp:affects gptkb:Atlassian_Confluence
gptkbp:citation https://confluence.atlassian.com/security/cve-2022-26134
https://nvd.nist.gov/vuln/detail/CVE-2022-26134
https://www.cisa.gov/news-events/alerts/2022/06/03/atlassian-releases-security-updates-confluence-server-and-data-center
gptkbp:CVSSv3_score 9.8
gptkbp:describes Critical unauthenticated remote code execution vulnerability in Atlassian Confluence Server and Data Center.
gptkbp:discoveredIn 2022
gptkbp:exploits Yes
gptkbp:hasCWE gptkb:CWE-94
gptkbp:hasSeverity Critical
https://www.w3.org/2000/01/rdf-schema#label CVE-2022-26134
gptkbp:impact Complete system compromise
gptkbp:mainVendors gptkb:Atlassian
gptkbp:patchedBy gptkb:Confluence_7.13.7
gptkb:Confluence_7.14.3
gptkb:Confluence_7.15.2
gptkb:Confluence_7.16.4
gptkb:Confluence_7.17.4
gptkb:Confluence_7.18.1
gptkb:Confluence_7.4.17
gptkbp:publicationDate 2022-06-02
gptkbp:vectorFor gptkb:network_protocol
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
gptkbp:vulnerableTo gptkb:CVE-2022-26134
gptkb:OGNL_Injection
Remote Code Execution
gptkbp:bfsParent gptkb:MHCHAOS
gptkbp:bfsLayer 6