Threat Brief: CVE-2021-26084

Share on facebook
Share on twitter
Share on linkedin
Share on reddit
Share on email

Executive Summary

On Aug. 25, 2021, Atlassian released a security advisory for an injection vulnerability in Confluence Server and Data Center, CVE-2021-26084. If the vulnerability is exploited, threat actors could bypass authentication and run arbitrary code on unpatched systems. Since the release of this advisory, mass scanning activity has started to occur, seeking unpatched systems, and in-the-wild exploitation has begun. Unit 42 recommends customers upgrade to the latest release of Confluence Server and Data Center.

Vulnerable Systems

The Atlassian products vulnerable to CVE-2021-26084 are those using the following versions of Confluence Server and Data Center:

All 4.x.x versions. All 5.x.x versions. All 6.0.x versions. All 6.1.x versions. All 6.2.x versions. All 6.3.x versions. All 6.4.x versions. All 6.5.x versions. All 6.6.x versions. All 6.7.x versions. All 6.8.x versions. All 6.9.x versions. All 6.10.x versions. All 6.11.x versions. All 6.12.x versions. All 6.13.x versions before 6.13.23. All 6.14.x versions. All 6.15.x versions. All 7.0.x versions. All 7.1.x versions. All 7.2.x versions. All 7.3.x

Read the article