Some people host confluence from Atlassian on local infrastructure and no access to the cloud.
I was curious if this could be an issue with learning whether or not your version is vulnerable.
So here is something I noticed to be helpful to all Confluence admins that want to check and not worry about the deep distracted deep reading needed in a slew of other CVE and parse relevant details to only their versions.
I wrote this to not leave out those behind proxies so have fun securing your instances.
function Check-ConfluenceSecurity
{
<#
.Synopsis
checks confluence from the internet using network and version parameters
.DESCRIPTION
checks Atlassian confluence from the internet using network and version parameters proxy and credentials are optional and this should return cve with your version numbers.
THIS DOES NOT FIX CONFLUENCE! This just provides a report with CVE containing your version number for Administrator evaluation.
.EXAMPLE
Check-ConfluenceSecurity -Network VPN -version '7.18.1' | ft -Wrap
#>
[CmdletBinding(
SupportsShouldProcess=$true,
PositionalBinding=$false,
HelpUri = 'http://www.powershell.city/',
ConfirmImpact='Medium'
)]
Param
(
[Parameter()][ValidateSet("Standard","VPN")]$Network='Standard',
[Parameter(mandatory=$true)]$version,
[Parameter()]$proxy
)
switch($Network)
{
Standard{Invoke-WebRequest 'https://atst-data.atl-paas.net/healthcheck/cve/confluence.json'| ConvertFrom-Json|where description -like "*$version*"|select cveid,description -OutVariable result | Out-Null}
VPN{Invoke-WebRequest 'https://atst-data.atl-paas.net/healthcheck/cve/confluence.json' -proxy $proxy -ProxyCredential $(Get-Credential -Message "Enter Proxy Credentials")| ConvertFrom-Json|where description -like "*$version*"|select cveid,description -OutVariable result | Out-Null}
}#endswitch
return $result| sort cveid -Unique
}Feel free to stay secure!
this function returns parsed data from :
www.atlassian.com/trust/security/advisories
PowerShell City 