ioc[.]one - OSINT Cyber Threat Intelligence Database

Actively Exploited Atlassian Confluence Zero-Day CVE-2022-26134

Tags

cmtmf-attack-pattern:	Code Injection
attack-pattern:	Data Code Injection - T1540 Confluence - T1213.001 Credentials - T1589.001 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 Web Shell - T1505.003 Vulnerabilities - T1588.006 Credential Dumping - T1003 Scripting - T1064 Web Shell - T1100 Scripting

Show in Graph

Common Information

Type	Value
UUID	841bc7f3-6a1e-4177-8f64-6215f6e7f60f
Fingerprint	8c493947e2d75c0b
Analysis status	DONE
Considered CTI value	2
Text language
Published	June 3, 2022, 7:47 a.m.
Added to db	Nov. 6, 2023, 12:09 p.m.
Last updated	Nov. 17, 2024, 5:55 p.m.
Headline	Actively Exploited Atlassian Confluence Zero-Day CVE-2022-26134
Title	Actively Exploited Atlassian Confluence Zero-Day CVE-2022-26134
Detected Hints/Tags/Attributes	32/2/24

Source URLs

	Redirection	Url
Details	Source	https://www.picussecurity.com/resource/cve-2022-26134-atlassian-confluence-zero-day-vulnerability-exploited

URL Provider

Details	Provider	Source level domain
Details	picussecurity.com	www.picussecurity.com

Attributes

Details	Type	#Events	Value
Details	CVE	122	cve-2022-26134
Details	CVE	80	cve-2021-26084
Details	CVE	1	cve-2018-5230
Details	CVE	5	cve-2019-3398
Details	CVE	38	cve-2019-3396
Details	File	41	code.exe
Details	md5	2	f8df4dd46f02dc86d37d46cf4793e036
Details	md5	2	ea18fb65d92e1f0671f23372bacf60e7
Details	sha1	2	4c02c3a150de6b70d6fca584c29888202cc1deef
Details	sha1	2	80b327ec19c7d14cc10511060ed3a4abffc821af
Details	IPv4	2	156.146.34.9
Details	IPv4	3	156.146.56.136
Details	IPv4	2	198.147.22.148
Details	IPv4	2	45.43.19.91
Details	IPv4	2	66.115.182.102
Details	IPv4	2	66.115.182.111
Details	IPv4	2	67.149.61.16
Details	IPv4	4	154.16.105.147
Details	IPv4	2	64.64.228.239
Details	IPv4	4	156.146.34.52
Details	IPv4	2	154.146.34.145
Details	IPv4	2	221.178.126.244
Details	IPv4	4	59.163.248.170
Details	IPv4	2	98.32.230.38