Attackers are attempting to exploit recently patched Atlassian Confluence CVE-2021-26084 RCE

Share on facebook
Share on twitter
Share on linkedin
Share on reddit
Share on email

Threat actors are actively exploiting a recently patched vulnerability in Atlassian’s Confluence enterprise collaboration product.

Threat actors were spotted exploiting the CVE-2021-26084 vulnerability in Atlassian’s Confluence enterprise collaboration product a few days after it was patched by the vendor.

Last week, Atlassian released security patches to address the critical CVE-2021-26084 flaw that affects the Confluence enterprise collaboration product.

The flaw is an OGNL injection issue that can be exploited by an authenticated attacker to execute arbitrary code on affected Confluence Server and Data Center instances.

“An OGNL injection vulnerability exists that would allow an authenticated user, and in some instances unauthenticated user, to execute arbitrary code on a Confluence Server or Data Center instance. ” reads the advisory published by the company.

The issue was discovered by Benny Jacob (SnowyOwl) through the Atlassian public bug bounty program, the vulnerability received a CVSS score of 9.8.

Affected versions are:

version < 6.13.236.14.0 ≤ version < 7.4.117.5.0 ≤ version < 7.11.57.12.0 ≤ version < 7.12.5

Researchers from Threat

Read the article