1 min read

Vulnerability Update: Confluence

Atlassian urges its customers to immediately update their Confluence on-premise, Data Center and Server products due to a vulnerability. The vulnerability, called CVE-2021-26084 allows remote attackers to inject code and steal data, deploying malware and enabling them to view restricted resources via a Pre-Authorization Arbitrary File.

The vulnerability does not affect Confluence Cloud customers.

The US Cyber National Mission Force tweeted “Mass exploitation of Atlassian Confluence CVE-2021-26084 is ongoing and expected to accelerate. Please patch immediately if you haven’t already”

The cyber intelligence firm Bad Packets said they "detected mass scanning and exploited activity from hosts in Brazil, China, Hong Kong, Nepal, Romania, Russia and the US targeting Atlassian Confluence servers vulnerable to remote code execution."

Atlassian has disclosed patches for the vulnerabilities and recommends that users upgrade to the Long Term Support release.

Confluence Server and Data Center versions before version 6.13.23, from version 6.14.0 before 7.4.11, from version 7.5.0 before 7.11.6, and from version 7.12.0 before 7.12.5 are affected by this vulnerability.

At DEMICON safety is a priority, therefore we made sure that our customer's environments were patched immediately.

If you need support upgrading and patching your Confluence instance, don't hesitate to contact us, our team of experts will find the best solution for your use case.

Contact us

The highlights of the Digital Product Forum 2022

It's a wrap: The highlights of the Digital Product Forum 2022

Four packed, exciting and inspiring days lie behind our DEMICON team: From 18-21 July, we again attended the Mercedes-Benz Digital Product Forum,...

Read More
Digital Product Forum 2022: DEMICON as an agility driver in the automotive industry

Digital Product Forum 2022: DEMICON as an agility driver in the automotive industry

How does the future of the automotive industry look in the age of agility, automation and digitalised software development?

Read More

Sustainable success with smart seamless IT processes

DEMICON supported DB Regio Bus, a subsidiary of Deutsche Bahn AG, in optimising and digitising their operational IT processes. As a result, the...

Read More