“Please patch immediately if you haven’t already,” the notice added. “This cannot wait until after the weekend.”

Confluence is a workplace collaboration platform that allows teams to work together remotely on projects or ideas. The vulnerability, which is embedded in the Atlassian Confluence Server and Confluence Data Center products, can allow an unauthorised attacker to execute arbitrary code on either of the affected platforms.

Confluence Cloud, which is hosted on public cloud environments, isn’t affected by the flaw. Rather, the on-premises versions of the product are those susceptible to exploitation. It’s rated 9.8 on the CVSS threat severity scale out of ten, suggesting it’s highly exploitable.

Atlassian disclosed this vulnerability a couple of weeks ago and urged businesses to patch their systems at the time. The firm had never publicly revealed the precise exploit mechanisms, though, beyond describing the flaw as a Confluence Server Webwork OGNL injection. This was presumably to avoid fuelling any future attacks before businesses had a chance to apply the fix. However, cyber criminals from around the world have since been detected scanning for vulnerable systems and launching attacks.

In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an authenticated user, and in some instances an unauthenticated user, to execute arbitrary code on a Confluence Server or Data Center instance. This module exploits an OGNL injection in Atlassian Confluence's WebWork component to execute commands as the Tomcat user. Author(s): Benny Jacob, Jang, wvu.