---
title: Protection from CVE-2022-26134 (Unauthenticated RCE in Confluence)
summary: null
url: >-
  https://www.fastly.com/documentation/reference/changes/2022/06/protection-from-cve-2022-26134-unauthenticated-rce-in-confluence
---

A remote code execution vulnerability affecting the Atlassian Confluence product has recently been discovered and assigned the identifier **CVE-2022-26134** (also known as Unauthenticated RCE in Confluence). Fastly has created a virtual patch for it that is now available within your account. To activate it and add protection to your services:

1. Navigate to the Signal Sciences control panel and select **Templated Rules** from the **Rules** menu.
2. Search the templated rules for `CVE-2022-26134` and then click **View**.
3. Click **Configure** and then click **Add trigger** to configure the rule's thresholds and actions.
4. Select **Block requests from an IP immediately if the CVE-2022-26134 signal is observed** and then click **Update rule**.