Security News > 2021 > September > Jenkins struck by 'Confluenza' as US Cyber Command warns Atlassian flaw 'cannot wait'

Jenkins struck by 'Confluenza' as US Cyber Command warns Atlassian flaw 'cannot wait'
2021-09-06 13:51

The Jenkins team issued a reminder over the weekend that one should keep one's systems patched as it found itself with a compromised Confluence service.

Although the affected instance of Confluence integrated with the company's identity system, the group said: "At this time we have no reason to believe that any Jenkins releases, plugins, or source code have been affected."

The affected server had been deprecated by the Jenkins team back in 2019, with documentation and changelogs shunted into GitHub.

To the sound of the stable door banging in the breeze, the Jenkins infrastructure team said that the Confluence service had now been permanently disabled, privileged credentials rotated, and potentially affected infrastructure not under its direct management scrutinised.

The attack on the Jenkins Confluence service came as the original security advisory was updated to reflect that the vulnerability was being actively exploited and, worse, that "The vulnerability is exploitable by unauthenticated users regardless of configuration."

Mass exploitation of Atlassian Confluence CVE-2021-26084 is ongoing and expected to accelerate.


News URL

https://go.theregister.com/feed/www.theregister.com/2021/09/06/jenkins_confluence_compromised/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2021-08-30 CVE-2021-26084 Expression Language Injection vulnerability in Atlassian Confluence Data Center and Confluence Server
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance.
network
low complexity
atlassian CWE-917
critical
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Jenkins 628 54 1091 358 70 1573
Atlassian 58 56 291 40 34 421