Critical malicious code gap in wiki software Confluence closed

Critical malicious code gap in wiki software Confluence closed

Admins of the wiki software Confluence Server and Data Center should becritical“Install a current version with a security patch. Confluence Cloud is not affected, Atlassian assures.

Successful exploitation of the vulnerability (CVE-2021-26084) could allow attackers to execute their own code on systems. In such a case, they would be able to put a blackmail trojan on systems or to place a back door for later access.

According to a warning from Atlassian, the vulnerability can be found in Confluence Server Webwork OGNL. How attacks could take place and whether there are already attacks is not yet known. The message only states that successful attacks require authentication in most cases.

Atlassian states that the spending 6.13.23, 7.4.11, 7.11.6, 7.12.5 and 7.13.0 are protected against such attacks. All previous versions are said to be threatened. The developer advises users to install the current Long Term Support release 7.13.0 (LTS). The warning message tells you how to upgrade.

For admins who are currently unable to install the security updates, Atlassian provides scripts for Linux and Windows for temporary protection.

[UPDATE 27.08.2021 11:30 Uhr]

Note on workaround for temporarily securing servers added to the running text.


Leave a Reply

Your email address will not be published.