-
CVE-2022-26134 – How to check and protect your Confluence
Last Friday, Volexity published a zero day exploit (CVE-2022-26134) on Atlassian Confluence. This post is to share some tips on how to check your Confluence instance is safe, and also some practical advice to protect your Confluence on-prem.
About the vulnerability
This bug affects all versions of Confluence since 1.3.0. It is a critical vulnerability because it allows unauthenticated users to execute code within the Confluence server remotely. According to Imperva Threat Research, there are widespread scanning and attempts of exploitation on the Internet.
How to fix the vulnerability
Atlassian alerted the customers promptly and responded with high priority. We are thankful that Atlassian released the fix in less than 24 hours.
For details of the fix, please refer to the official Confluence Security Advisory 2022-06-02.
How to check your Confluence for malicious access
Here are some basic checks that you can execute to check for any traces of malicious attempts. If there is any occurrence, then you may want to engage the security experts for more in-depth foresenic investigation.
URL requests containing ${
Since one of the attack mechanisms is to use ${ in the request URL, it would be helpful to scan the web server access logs for any occurrences. Please update the path of the Apache httpd/ Nginx access logs accordingly.
grep '${' /etc/httpd/logs/*access*.log grep '%24%7B' /etc/httpd/logs/*access*.logURL requests from known IP addresses
Based on the Volexity report, there are some IP addresses which are used by the attackers. Similarly, you can grep the access logs to check for any occurrences. Note: It is possible that there may be other attackers using other IP addresses.
grep 154.146.34.145 /etc/httpd/logs/*access* grep 154.16.105.147 /etc/httpd/logs/*access* grep 156.146.34.46 /etc/httpd/logs/*access* grep 156.146.34.52 /etc/httpd/logs/*access* grep 156.146.34.9 /etc/httpd/logs/*access* grep 156.146.56.136 /etc/httpd/logs/*access* grep 198.147.22.148 /etc/httpd/logs/*access* grep 198.147.22.148 /etc/httpd/logs/*access* grep 221.178.126.244 /etc/httpd/logs/*access* grep 45.43.19.91 /etc/httpd/logs/*access* grep 59.163.248.170 /etc/httpd/logs/*access* grep 64.64.228.239 /etc/httpd/logs/*access* grep 66.115.182.102 /etc/httpd/logs/*access* grep 66.115.182.111 /etc/httpd/logs/*access* grep 67.149.61.16 /etc/httpd/logs/*access* grep 98.32.230.38 /etc/httpd/logs/*access*
How to protect your Confluence instance
Actually, the best form of defense against unauthenticated attacks is to place the server behind the firewall. This will effectively block all attackers from mounting a direct attack remotely. That is a key reason why some security sensitive enterprises are choosing Confluence Data Center. We know that it is not possible for a software to be 100% free of bugs. So there might be another vulnerability waiting to be discovered in the future.
By using Long Term Support release of the product, it reduces the effort to upgrade since the critical security fixes will be available as long it is architecturally possible. This contributes greatly to a quick reaction to any future zero day exploits.
For those organizations who are working remotely, it is possible to access via VPN or use Web application firewalls for added protection. Both CloudFlare and Imperva have announced that their customers are protected from this vulnerability since they will ensure all requests are authenticated before relaying it to Confluence.
Last but not least, do make sure the license technical contacts are up-to-date. As an Atlassian Solution Partner, we have witnessed a number of occurrences when critical alerts from Atlassian are missed due to staff turnover.
Share this post
-
Akeles Top 10 Marketplace apps in 2021
This year, we are continuing the tradition of sharing our Top 10 popular apps for Jira, Confluence and Bitbucket.
From our perspective, Marketplace apps play a significant role for successful adoption of Atlassian platforms by
- enabling automation to improve productivity, speed or security
- adding features to provide additional capabilities like Business Analytics, Test Automation, etc
- organising information to provide insight and facilitate collaboration
This year, Atlassian Marketplace reached $2 billion in lifetime sales. This is a huge testimony of the usefulness and popularity of Marketplace apps.
How is the ranking done?
The ranking is based on the number of licenses (Server/DC/Cloud) customers bought in 2021.
We felt this will be a better measure of the popularity of the app.In event of a tie, we go by the licensed users count, followed by the total sale value for the app.
Akeles Top 10 List
We are pleased to share our list for 2021 voted by the Atlassian users in Singapore. Although our list may not correspond to the global popularity in Atlassian Marketplace, it is an affirmation in the usefulness of the apps.
Congratulations to the winners.
(more…)Share this post
-
Akeles Top 10 Marketplace Apps in 2020
Time flies and we are in 2021 already. We crunched our sales numbers for Atlassian Marketplace Apps licenses to identify the developing trends.
This year, we are sharing this list as we feel it may be useful to fellow Atlassian users looking to extract more value from Jira/Confluence/Bitbucket.
From our perspective, Marketplace apps play a significant role for established instances by
- enabling automation to improve productivity, speed or security
- adding features to provide additional capabilities like Business Analytics, Test Automation, etc
- organising information to provide insight and facilitate collaboration
How is the ranking done?
The ranking is based on the number of licenses (Server/DC/Cloud) we sold for each app in 2020.
We felt this will be a better measure of the popularity of the app.In event of a tie, we go by the licensed users count, followed by the total sales for the app.
Akeles Top 10 List
We are pleased to share our list for 2020 voted by the end users in Singapore. While our list may not reflect their actual popularity in Atlassian Marketplace, it is an affirmation in the usefulness of the apps.
Congratulations to the winners.
Top 10 Jira Apps for 2020
S/N App Name Publisher 01 ScriptRunner for Jira Adaptavist 02 JSU Automation Suite for Jira Workflows Beecom 03 Advanced Roadmaps (formerly Portfolio) Atlassian 04 eazyBI Reports and Charts for Jira eazyBI 05 Extension for Jira Service Management Deviniti 06 Jira Workflow Toolbox Decadis AG 07 Zephyr for Jira – Test Management SmartBear 08 Jira Misc Workflow Extensions (JMWE) Innovalog 09 Dynamic Forms for Jira Deviniti 10 BigPicture – Project Management & PPM SoftwarePlant Top 10 Confluence Apps for 2020
S/N App Name Publisher 01 Team Calendars for Confluence Atlassian 02 Gliffy Diagrams for Confluence Gliffy 03 draw.io Diagrams for Confluence //SEIBERT/MEDIA – Draw.io 04 Comala Document Management Comalatech 05 Table Filter and Charts for Confluence Stiltsoft 06 Refined for Confluence | Sites & Themes Refined 07 Excel for Confluence Bob Swift Atlassian Apps 08 SAML Single Sign On SAML SSO Confluence resolution Reichert Network Solutions GmbH 09 ScriptRunner for Confluence Adaptavist 10 Balsamiq Wireframes for Confluence Balsamiq Top 10 Bitbucket Apps for 2020
S/N App Name Publisher 1 ScriptRunner for Bitbucket Adaptavist 2 Webhook to Jenkins for Bitbucket Mohami 3 Awesome Graphs for Bitbucket Stiltsoft 4 SAML Single Sign On (SAML SSO) Bitbucket resolution Reichert Network Solutions GmbH 5 Workzone: PullRequest Workflow Izymes Pty Ltd 6 External Hooks by Reconquest Reconquest 7 Jira Hooks for Bitbucket DevOpsSystems Mueller 8 Sonar for Bitbucket Mibex Software GmbH 9 Snippets for Bitbucket Server Mohami 10 Microsoft Teams Connector for Bitbucket Globo Solutions Share this post
-
Best Practices in Jira Administration – Be a Jira Hero ebook
This is an ebook on a collection of Jira best practices that Atlassian has gathered from Jira experts around the world.
The title “Be a Jira Hero – A guide for Admins, by Admins” is well deserving. Therefore we recommend all Jira administrators and wannabes to read the 25 pages ebook.
Jira Best Practices ebook
The ebook is well-organised into different sections with short but clear snippets of wisdoms:
- How to keep Jira clean and simple for your users
- How to use issues effectively
- Best practices on managing Custom Fields and Screens
- Things to consider when building workflows
- Tips on managing backlog in Jira
- How to get people to work on the issues
- Best practices on designing the Jira dashboards for even more effective reporting
- Shortcuts & Hacks to work faster with Jira
- How to make use of automation to make life easier
One Common Mistake
For example, the book has highlighted in Tip #20 to incorporate Resolution into the workflows. We observed that a number of Jira admins who did not have formal training tends do not understand the concept of resolution. Consequently, they overlook this important step while creating new workflows. While the Jira appears to be working, the implications are some built-in reports may be inaccurate and an important piece of information is missing.
Our Additional Jira Tip
Dashboards are very useful if they are used correctly. Team members can have visibility on the progress and be reminded on the outstanding tasks. Furthermore, Management can have clear visibility without spending a lot of time preparing routine reports. As a result, users will understand the value of updating their tasks in Jira.
Multiple Filters Statistics Bar Chart Gadget 
Horseshoe Gadget Jira Conclusion
To sum up, if you are a Jira administrator, you should download the ebook and review whether you have been applying the Jira best practices.
There is no need to provide any email address to download the book. To add on, you may also want to check out the following resources:
Share this post
Subscription Options:
