Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Confluence Server doesn't work

Sergey Kondakov
Sergey Kondakov September 5, 2021

When I've just started Confluence sever it works properly, but after 10-15 minutes it's starting some process which loading CPU to 100% and I can't to enter into web interface at all. At ssh console I see that JAVAE process under user confluence use all available CPU time.

image.pngimage.png

Answer
Watch
Like Be the first to like this
380 views

2 answers

1 accepted

1 vote
Answer accepted
Hana Kučerová
Hana Kučerová
Community Champion
September 5, 2021

Hi @Sergey Kondakov ,

please look like here, it seems to me it could be the same problem.

View More Comments
Sergey Kondakov
Sergey Kondakov September 5, 2021

Maybe. I see that appear new executable script at /tmp/javac. Ive just delete it and change all passwords. Then openssh-server should be reinstalled there rise some problems with dependents. At this time problem solved. 

Like Hana Kučerová likes this
Sergey Kondakov
Sergey Kondakov September 5, 2021

Ah and Oh. Today I've see that appears new malfunction process at tmp directory. T've killed administratively but it shows that Confluence has back door to place and run malfunction code at /tmp directory. 

Like
Hana Kučerová
Hana Kučerová
Community Champion
September 5, 2021

Hi @Sergey Kondakov ,

probably you need to apply the patch or upgrade your Confluence, see here.

Like
Reply
0 votes
Daniel Ebers
Daniel Ebers
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
September 10, 2021

Hi @Sergey Kondakov

while patching the vulnerable Confluence installation alongside with removing the malicious crypto miner is the correct measure in first place you would need to assess if the server is compromised in a way it needs probably to be restored from backup.

Basically a machine got hacked like yours should not be trusted anymore. Please do a thorough check of the environment, too. The malware seen in that cases is reported to "jump" to other hosts, too.

Regards,
Daniel

Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
DEPLOYMENT TYPE
SERVER
VERSION
7.2.0
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.