Confluence Data Center & Server RCE
Vulnerability
A vulnerability has been identified in Atlassian Confluence Data Center and Server, with the exception of the latest releases. The vulnerability uses template injection and permits unauthorised attackers to achieve remote code execution (RCE). The versions impacted are those of Server 8 released before December 5, 2023, and version 8.4.5.
It's important to note that Atlassian Cloud sites remain unaffected by this issue. Confluence sites operating under the atlassian.net domain, which are hosted by Atlassian, are not susceptible to this vulnerability.
Currently, our team are not aware of active exploitation of this vulnerability or any exploits in the wild.
Remediation
Organisations should review their networks for use of vulnerable instances of Atlassian Confluence Data Center and Confluence Server, and consult Atlassian’s customer advisory for mitigation advice.
If you're unsure how to locate vulnerable systems on your network, why not let us perform an internal pen test to find out?