Skip to main content

Atlassian Confluence is under heavy attack

posted onSeptember 6, 2021
by l33tdawg

Cybersecurity researchers at the US Cyber Command (USCYBERCOM) have urged admins to immediately patch their on-premise Atlassian Confluence collaboration platform, which is at the receiving end of an ongoing attack.

USCYBERCOM put out a public notice on Twitter informing Atlassian users of an active large-scale exploitation campaign that it expects to accelerate.

“Please patch immediately if you haven’t already—this cannot wait until after the weekend,” USCYBERCOM wrote on Twitter.  The flaw, tracked as CVE-2021-26084, enables threat actors to remotely execute arbitrary code on the popular workplace collaboration platform. Described as “an OGNL injection vulnerability,” the bug exists in the Atlassian Confluence Server and Confluence Data Center products, both of which are vulnerable to unauthenticated remote attackers.

Source

Tags

Security

You May Also Like

Recent News

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th

Friday, June 7th