CVE-2022-26134 is an Object-Graph Navigation Language (OGNL) injection flaw impacting Atlassian Confluence & Data Center software. Leveraging this remote code injection (RCE) flaw, adversaries can execute arbitrary code on a server. Atlassian tools are popular with more remote work, so mitigation is key. Exploit, detect, & mitigate this flaw!
Learning Objectives
By the end of this course, you should be able to:
- Define the vulnerability, describe its root cause, and communicate its significance to key organizational stakeholders.
- Exploit this vulnerability using publicly available exploit code.
- Execute various mitigation tactics to reduce risk.