MCNC Logo
Our hearts go out to everyone affected by Hurricane Helene. Our team has been working endlessly to make sure these communities in Western North Carolina have the resources they need during this challenging time. If you're looking to help out those in need, there are many ways to do so. We have included those options here: Hurricane Helene
09.02.2021

Confluence Server Webwork OGNL Injection

Alert
  • facebook share link
  • twitter share link
  • linkedin share link
  • mail share link

Date of Notice: 9/2/2021

Action Level -Critical

Description

MCNC would like to make you aware of a CRITICAL severity Confluence vulnerability that should be patched immediately.

CVE-2021-26084 is a remote code injection vulnerability affecting many versions of Confluence and is scored a 9.8/10. Further this vulnerability is actively being exploited.

Affected Devices

Various versions of Confluence preceding the following patched versions:

  • 6.13.23
  • 7.4.11
  • 7.11.6
  • 7.12.5
  • 7.13.0

The full list of affected versions is on Atlassian's webpage, here.

Attack Vector

Attackers with network access to the Confluence server.

Attack Feasibility

This vulnerability is actively being exploited, the feasibility of an internet facing Confluence server being exploited is high.

Mitigations

Confluence has a powershell script to mitigate if absolutely unable to patch/upgrade. It is on their page under mitigations, here.

Remediation

Upgrade/patch to a secure version of Confluence.

<-- Return to Cybersecurity Alerts...

MCNC
PO Box 12889
3021 East Cornwallis Road
RTP, NC 27709-2889
919-248-1900 Phone | 919-248-1101 Fax
Connect With Us
  • linkedin
  • instagram
  • x
  • facebook
  • youtube
© 2024 MCNC