Critical Malicious-Code Vulnerability in Confluence Wiki Closed


Administrators of the Confluence Server and Data Center wiki software should install a current version that closes a security vulnerability rated "critical". Confluence Cloud is not affected, says Atlassian.

Successful exploitation of the vulnerability (CVE-2021-26084) could allow attackers to run their own code on affected systems. In that case they could deploy ransomware on the systems or plant a backdoor for later access.

According to a warning from Atlassian, the vulnerability lies in the Webwork OGNL component of Confluence Server. It is not yet clear how attacks might take place or whether attacks are already underway. The advisory only states that, in most cases, successful attacks require authentication.

Atlassian states that versions 6.13.23, 7.4.11, 7.11.6, 7.12.5 and 7.13.0 are protected against such attacks. All earlier versions are said to be affected. The developer advises users to install the current Long Term Support release 7.13.0 (LTS). The advisory describes how to upgrade.
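A small triage check based on the fixed versions listed above, added here as an example and not part of the article or Atlassian's own tooling. It assumes (the article does not say so) that a listed fix covers its own major.minor release line, that every release at or above the 7.13.0 LTS contains the fix, and that a release line with no listed fix counts as affected.

```python
from typing import Tuple

# Fixed versions as reported in the article (assumed to each cover their own release line).
FIXED_VERSIONS = ["6.13.23", "7.4.11", "7.11.6", "7.12.5", "7.13.0"]
RECOMMENDED_LTS = "7.13.0"


def parse_version(text: str) -> Tuple[int, int, int]:
    """Turn '7.12.5' (or '7.13') into a 3-tuple so versions compare numerically, not as strings."""
    parts = text.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts) or len(parts) > 3:
        raise ValueError(f"not a dotted numeric version: {text!r}")
    nums = [int(p) for p in parts]
    while len(nums) < 3:          # pad '7.13' to (7, 13, 0)
        nums.append(0)
    return nums[0], nums[1], nums[2]


def assess(installed: str) -> Tuple[bool, str]:
    """Return (patched, advice) for an installed Confluence Server/Data Center version.

    Assumption (not from the article): a fix applies to its own major.minor line,
    and anything at or above the 7.13.0 LTS already contains it.
    """
    v = parse_version(installed)
    if v >= parse_version(RECOMMENDED_LTS):
        return True, f"{installed} is at or above the {RECOMMENDED_LTS} LTS"
    for fixed_text in FIXED_VERSIONS:
        fixed = parse_version(fixed_text)
        if v[:2] == fixed[:2]:    # same release line as a listed fix
            if v >= fixed:
                return True, f"{installed} includes the fix shipped in {fixed_text}"
            return False, f"upgrade to {fixed_text} on this line or to {RECOMMENDED_LTS} LTS"
    return False, f"no patched release on this line; upgrade to {RECOMMENDED_LTS} LTS"


if __name__ == "__main__":
    # Constructed sample inventory, not real hosts.
    for host, version in [("wiki-a", "7.12.4"), ("wiki-b", "7.5.0"), ("wiki-c", "7.13.1")]:
        patched, advice = assess(version)
        print(f"{host}: {'ok' if patched else 'AFFECTED'} - {advice}")
```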

For administrators who cannot install the security updates right away, Atlassian provides temporary workaround scripts for Linux and Windows.

[UPDATE 27.08.2021, 11:30]

A note on the workaround for temporarily securing the servers has been added to the text.
