Connect with us

Hackers are actively searching the web for vulnerable corporate Confluence servers



Given the ease of use of CVE-2021-26084, experts expect an increase in attacks on Confluence servers.

Cybersecurity professionals warned on the increase in the number of scans and attempts to exploit a recently discovered vulnerability in corporate servers with the Atlassian Confluence wiki engine installed.

We are talking about vulnerability CVE-2021-26084 in Confluence Server and Confluence Data Center software, which allows you to execute arbitrary code. The problem is related to incorrect processing of input data and can be exploited to bypass authentication and execute malicious OGNL commands, which will completely compromise a vulnerable system.

At the beginning of the week cybersecurity experts published detailed analysis of the vulnerability, including several PoC codes for its exploitation. According to cybersecurity researcher Rahul Maini, exploiting the problem turned out to be much easier than expected.

According to Atlassian, Confluence’s customer base includes more than 60,000 companies and organizations, including Audi, Hubspot, NASA, LinkedIn, Twilio and Docker. Given the popularity of Confluence software and the ease of use of CVE-2021-26084, experts expect the number of attacks using this problem to increase significantly in the coming days.

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *


Latest News