A vulnerability with Atlassian Confluence has been exploited by several threat actors and poses a threat to organizations using the system. According to ZDNet, the vulnerability allows authenticated and unauthenticated users to execute code on the instance and gain access to the system.
Confluence is used by several organisations as a Wiki-type service for documentations and policy. The vulnerability was announced at the end of August and there have been more than 10,000 vulnerable instances identified.
It is critical that organisations that use the Atlassian Confluence update and patch their instance as soon as possible. Vertex is working with organisations on managing these updates and assisting with any compromised services as a result of the vulnerability.
If you’re concerned about this vulnerability and if it has impacted your system contact us as soon as possible.