Security News > 2021 > September > Jenkins Hit as Atlassian Confluence Cyberattacks Widen

Jenkins Hit as Atlassian Confluence Cyberattacks Widen
2021-09-07 16:07

A just-patched, critical remote code-execution vulnerability in the Atlassian Confluence server platform is suffering wide-scale exploitation, the Feds have warned - as evidenced by an attack on the popular Jenkins open-source automation engine.

Atlassian Confluence is a collaboration platform where business teams can organize its work in one place: "Dynamic pages give your team a place to create, capture, and collaborate on any project or idea," according to the website.

For its part, Jenkins identified a "Successful attack against our deprecated Confluence service," it said in a statement over the weekend.

The team took the server offline immediately and rotated all passwords, and there's no plan to bring Confluence back, it said.

Mass exploitation of Atlassian Confluence CVE-2021-26084 is ongoing and expected to accelerate.

In some cases, an unauthenticated attacker could execute arbitrary code on a computer running a Confluence Server or Data Center instance - which earned the issue a critical 9.8 out of 10 rating on the CVSS vulnerability-rating scale.


News URL

https://threatpost.com/jenkins-atlassian-confluence-cyberattacks/169249/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2021-08-30 CVE-2021-26084 Expression Language Injection vulnerability in Atlassian Confluence Data Center and Confluence Server
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance.
network
low complexity
atlassian CWE-917
critical
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Jenkins 628 54 1092 359 70 1575
Atlassian 58 56 275 59 36 426