| ID |
CVE-2025-22166
|
| Sažetak |
This High severity DoS (Denial of Service) vulnerability was introduced in version 2.0 of Confluence Data Center.
This DoS (Denial of Service) vulnerability, with a CVSS Score of 8.3, allows an attacker to cause a resource to be unavailable for its intended users by temporarily or indefinitely disrupting services of a host connected to a network.
Atlassian recommends that Confluence Data Center customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions:
Confluence Data Center and Server 8.5: Upgrade to a release greater than or equal to 8.5.25
Confluence Data Center and Server 9.2: Upgrade to a release greater than or equal to 9.2.7
Confluence Data Center and Server 10.0: Upgrade to a release greater than or equal to 10.0.2
See the release notes ([https://confluence.atlassian.com/doc/confluence-release-notes-327.html]). You can download the latest version of Confluence Data Center from the download center ([https://www.atlassian.com/software/confluence/download-archives]).
This vulnerability was reported via our Atlassian (Internal) program. |
| Reference |
|
| CVSS |
| Base: | 7.5 |
| Impact: | 3.6 |
| Exploitability: | 3.9 |
|
| Pristup |
| Vektor | Složenost | Autentikacija |
| NETWORK |
LOW |
NONE |
|
| Impact |
| Povjerljivost | Cjelovitost | Dostupnost |
| NONE |
NONE |
HIGH |
|
| CVSS vektor |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
| Zadnje važnije ažuriranje |
05-12-2025 - 19:22 |
| Objavljeno |
21-10-2025 - 16:15 |
