Confluence is a professional enterprise knowledge management and collaboration software that can be used to build an enterprise wiki.

On July 6, April 4, 2019, Yundun emergency response center of Alibaba Cloud detected the official security update released by Confluence, because Widget Connector has the server template injection vulnerability. Attackers can exploit this vulnerability to implement directory traversal and even remote command execution.

Recently, Alibaba Cloud detected the latest vulnerability exploitation method, and multiple worms began to exploit this vulnerability for dissemination.

Rule type: Command execution

Risk level: High risk

Secure version:
  • Version 6.6.12 and higher versions of 6.6.x
  • Version 6.12.3 and higher versions of 6.12.x
  • Version 6.13.3 and higher versions of 6.13.x
  • Version 6.14.2 and higher

Policy-based protection: Cloud Firewall provides virtual patches to fix this vulnerability. We recommend that you enable the Virtual Patches in Intrusion Prevention to defend against this vulnerability.