Some folks host confluence from Atlassian on native infrastructure and no entry to the cloud.
I used to be curious if this might be a difficulty with studying whether or not or not your model is weak.
So right here is one thing I observed to be useful to all Confluence admins that wish to test and never fear in regards to the deep distracted deep studying wanted in a slew of different CVE and parse related particulars to solely their variations.
I wrote this to not omit these behind proxies so have enjoyable securing your situations.
perform Verify-ConfluenceSecurity
{
<#
.Synopsis
checks confluence from the web utilizing community and model parameters
.DESCRIPTION
checks Atlassian confluence from the web utilizing community and model parameters proxy and credentials are non-obligatory and this could return cve along with your model numbers.
THIS DOES NOT FIX CONFLUENCE! This simply offers a report with CVE containing your model quantity for Administrator analysis.
.EXAMPLE
Verify-ConfluenceSecurity -Community VPN -version '7.18.1' | ft -Wrap
#>
[CmdletBinding(
SupportsShouldProcess=$true,
PositionalBinding=$false,
HelpUri = 'http://www.powershell.city/',
ConfirmImpact="Medium"
)]
Param
(
[Parameter()][ValidateSet("Standard","VPN")]$Community='Customary',
[Parameter(mandatory=$true)]$model,
[Parameter()]$proxy
)
change($Community)
{
Customary ConvertFrom-Json
VPN Out-Null
}#endswitch
return $outcome| kind cveid -Distinctive
}
Be happy to remain safe!
this perform returns parsed knowledge from :
www.atlassian.com/belief/safety/advisories