<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=1354242&amp;fmt=gif">

Confluence Data Center Vulnerability Alert | January 2024

Confluence Data Center Vulnerability Overview

 

Background Information

Confluence issued a security advisory for a critical vulnerability impacting Confluence Data Center & Server, which is commonly used for collaboration and development. Note that the vulnerability does not impact Atlassian-hosted SaaS applications. Atlassian warns that customers running out-of-date versions are vulnerable to exploitation, including remote code execution by attackers. We recommend your organization immediately update to the latest version.

Impact of the Vulnerability

This vulnerability affects out-of-date Confluence Data Center and Server 8 versions released before Dec. 5, 2023 as well as 8.4.5, which no longer receives backported fixes in accordance with Atlassian’s Security Bug Fix Policy.

Affected versions:

  • 8.0.x
  • 8.1.x
  • 8.2.x
  • 8.3.x
  • 8.4.x
  • 8.5.0-8.5.3

Corvus has observed similar vulnerabilities lead to data theft and ransomware attacks. There are no known workarounds for this vulnerability. To remediate, update each affected product installation to the latest version.

Note: Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.

Next Steps for Confluence Customers:

We encourage your organization to take the following steps to mitigate against potential attack:

  1. Update to the latest fixed version: 
    • Confluence Data Center and Server
      • Fixed Versions: 8.5.4 (LTS)

      • Latest Versions: 8.5.5 (LTS)

    • Confluence Data Center and Server
      • Fixed Versions: 8.6.0 (Data Center Only), 8.7.1 (Data Center Only)

      • Latest Versions: 8.7.2 (Data Center Only)

Recent Articles

Cleo File Transfer Alert | December 2024


Cleo customers could be at risk due to a critical security flaw. Here's what you need to know.

November 2024: A Record-Breaking Month for Ransomware Attacks


In November 2024, ransomware activity reached an all-time high, with 632 reported victims listed to leak sites. Learn more in this ransomware update.

Q3 Cyber Threat Report: The Ransomware Ecosystem is Increasingly Distributed


Ransomware attacks remained high in Q3 2024 thanks to the RansomHub, PLAY, and LockBit 3.0 ransomware gangs. Check out the full cyber report for more info.