Skip to end of metadata
Go to start of metadata


SummaryA critical security vulnerability (CVE-2022-26134) was discovered in Atlassian Confluence.
Advisory Release Date

 

Affected Products

Linchpin Mobile as part of the Linchpin Intranet Suite.

Affected Versions

All versions of Linchpin Intranet Suite.

Fixed Versions

We expect this security vulnerability to be fixed by Atlassian soon.

Problem

Atlassian has been made aware of a current active exploitation of an unauthenticated remote code execution vulnerability of critical severity in Confluence Data Center and Confluence Server.

You can view Atlassian's official statement here:


We suspect that the attack can also be performed through Linchpin Mobile (as part of the Linchpin Intranet Suite) under the following conditions:

Linchpin Mobile apps accessing your Confluence without the gateway must be treated like every other computer client in your local network.

Remediation

Disable (not reset) the gateway connection of Linchpin Mobile until the fix for the host product from Atlassian can be deployed.

Impact on other Seibert Media products

Seibert Media apps from the Atlassian Marketplace including all joint venture apps

Other Confluence Server and Confluence Data Center apps

  • Not affected. No action is required.

Cloud apps

  • Not affected. No action is required.
Linchpin Hey

Not affected. No action is required.


Shortlink for this page: https://seibert.biz/cve202226134

  • No labels
This page was last edited on 06/03/2022.