Dear Councilors and ccNSO Working Group Chairs I am forwarding a message from David Olive regarding the availability of ICANN's Wiki space. Best regards, Alejandra -- [image: Photograph] *Alejandra Reynoso*Investigación & Desarrollo | Dominios .gt *P:* +502 23688565 *E:* alejandra.reynoso@cctld.gt 18 Ave. 11-95 Zona 15, V.H. III. (A-109) Guatemala, Guatemala www.gt ---------- Forwarded message --------- From: David Olive via SO-AC-SG-CLeaders <so-ac-sg-cleaders@icann.org> Date: Fri, Jun 3, 2022 at 3:08 PM Subject: [ICANN Community Leaders] ICANN Community Wiki Update To: so-ac-sg-cleaders@icann.org <so-ac-sg-cleaders@icann.org> Cc: Sally Newell Cohen <sally.newellcohen@icann.org> Dear Community Leaders: Yesterday, E&IT learned of a vulnerability to the Atlassian Confluence wiki software that ICANN licenses for the ICANN Community Wiki. Soon after, the Wiki was taken offline, and a maintenance message was posted. We have prepared a statement to share with you today so that you have a better understanding of why the wiki is not available. This statement will also be posted on the wiki home page. *On 2 June 2022, ICANN’s Engineering and Information Technology (E&IT) became aware of a <https://www.cisa.gov/uscert/ncas/current-activity/2022/06/02/atlassian-releases-security-updates-confluence-server-and-data>vulnerability <https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02...> affecting Atlassian’s Confluence Server and Data Center products where an unauthenticated attacker could execute code remotely. This vulnerability affected the ICANN Community Wiki <https://community.icann.org/>, which was taken offline. This action is in accordance with advice <https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02...> provided by the vendor and the U.S. Cybersecurity & Infrastructure Security Agency. <https://www.cisa.gov/uscert/ncas/current-activity/2022/06/02/atlassian-relea...> ICANN org has verified that there are no indications that the ICANN Community Wiki was compromised as a result of the vulnerability. ICANN org is working quickly to complete the implementation of the patch provided by the vendor and verify the fix.* *A timeline is not currently available, but ICANN plans to provide an update on 6 June 2022.* Best regards, David David Olive Senior Vice President Policy Development Support Managing Director – ICANN Washington DC Office Internet Corporation for Assigned Names and Number (ICANN) _______________________________________________ SO-AC-SG-CLeaders mailing list SO-AC-SG-CLeaders@icann.org https://mm.icann.org/mailman/listinfo/so-ac-sg-cleaders _______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.