Confluence Server Webwork OGNL Injection
Date of Notice: 9/2/2021
Action Level - Critical
MCNC would like to make you aware of a CRITICAL severity Confluence vulnerability that should be patched immediately.
CVE-2021-26084 is a remote code injection vulnerability affecting many versions of Confluence and is scored 9.8/10. Further, this vulnerability is actively being exploited.
Various versions of Confluence preceding the following patched versions:
The full list of affected versions is on Atlassian's webpage, here.
Attackers with network access to the Confluence server.
This vulnerability is actively being exploited, and the likelihood of an internet-facing Confluence server being exploited is high.
Confluence provides a PowerShell script to mitigate the vulnerability if you are absolutely unable to patch/upgrade. It is on their page under mitigations, here.
Upgrade/patch to a secure version of Confluence.