Experts anticipate an upsurge in attacks on Confluence servers because of the simplicity of usage of CVE-2021-26084.
Cybersecurity experts have warned of an uptick in scans and efforts to exploit a recently disclosed vulnerability in corporate servers running the Atlassian Confluence wiki engine.
We’re talking about the CVE-2021-26084 vulnerability in the Confluence Server and Confluence Data Center software, which allows you to execute arbitrary code. The issue is related to improper input data processing and may be exploited to circumvent authentication and execute malicious OGNL instructions, totally compromising a susceptible machine.
At the start of the week, cybersecurity experts released a thorough study of the vulnerability, including numerous proof-of-concept scripts for exploiting it. Exploiting the flaw proved to be considerably easier than predicted, according to cybersecurity expert Rahul Maini.
Confluence’s customer base, according to Atlassian, comprises over 60,000 companies and organizations, including Audi, Hubspot, NASA, LinkedIn, Twilio, and Docker. Given the ubiquity of Confluence software and the simplicity of use of CVE-2021-26084, experts predict that the number of attacks using this flaw will skyrocket in the next few days.