
Jenkins Hit as Atlassian Confluence Cyberattacks Widen
2021-09-07 16:07

A just-patched critical remote code-execution vulnerability in Atlassian Confluence Server and Data Center is under wide-scale exploitation, U.S. federal authorities have warned, and the popular Jenkins open-source automation server is among the victims.

Atlassian Confluence is a collaboration platform where business teams can organize their work in one place: "Dynamic pages give your team a place to create, capture, and collaborate on any project or idea," according to the website.

For its part, the Jenkins project disclosed a "Successful attack against our deprecated Confluence service" in a statement over the weekend.

The team took the server offline immediately and rotated all passwords, and there's no plan to bring Confluence back, it said.

Mass exploitation of Atlassian Confluence CVE-2021-26084 is ongoing and expected to accelerate.

The bug is an OGNL injection flaw (CWE-917, expression language injection): in some cases an unauthenticated attacker can execute arbitrary code on the host running a Confluence Server or Data Center instance, which earned the issue a critical 9.8 out of 10 rating on the CVSS vulnerability-rating scale.
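The two checks a responder wants after a warning like this, as an added example and not code from Threatpost, Atlassian or the Jenkins project: a version-range check against the fixed versions Atlassian published for CVE-2021-26084 (6.13.23, 7.4.11, 7.11.6, 7.12.5 and 7.13.0), and a scan of request logs for OGNL expression markers after undoing the percent-encoding and Java unicode escapes that attackers use to slip them past naive filters. The log lines are constructed for the example, and the marker patterns are generic OGNL indicators rather than the specific request used against Confluence.

```python
"""Post-advisory triage for CVE-2021-26084 (OGNL injection in Confluence).

Added example, not code from Threatpost, Atlassian or the Jenkins project.
  1. is_vulnerable(): is the running Confluence version in an affected range?
  2. find_ognl_requests(): do request logs show OGNL-looking expressions?
Fixed versions come from Atlassian's advisory; the log lines are constructed
for this example and the indicator patterns are generic OGNL markers.
"""
import re
from urllib.parse import unquote

# Fixed versions per Atlassian's advisory: 6.13.23, 7.4.11, 7.11.6, 7.12.5
# and 7.13.0. Branches not listed here (4.x, 5.x, 6.0-6.12, 6.14-7.3,
# 7.5-7.10) received no backported fix, so every release on them is affected.
FIXED_IN = {
    (6, 13): (6, 13, 23),
    (7, 4): (7, 4, 11),
    (7, 11): (7, 11, 6),
    (7, 12): (7, 12, 5),
}
FIRST_CLEAN_BRANCH = (7, 13, 0)


def parse_version(version: str) -> tuple:
    """'7.12.4' -> (7, 12, 4); qualifiers such as '-beta' are ignored."""
    nums = []
    for part in version.strip().split(".")[:3]:
        m = re.match(r"\d+", part)
        nums.append(int(m.group()) if m else 0)
    while len(nums) < 3:
        nums.append(0)
    return tuple(nums)


def is_vulnerable(version: str) -> bool:
    """True if this Confluence Server/Data Center version is affected."""
    v = parse_version(version)
    if v >= FIRST_CLEAN_BRANCH:
        return False
    fixed = FIXED_IN.get(v[:2])
    return True if fixed is None else v < fixed


# Access log lines constructed for this example (Common Log Format, as written
# by Tomcat's AccessLogValve or a reverse proxy in front of Confluence).
SAMPLE_LOG = """\
10.0.0.5 - - [07/Sep/2021:10:01:12 +0000] "GET /login.action HTTP/1.1" 200 5120
10.0.0.9 - - [07/Sep/2021:10:02:03 +0000] "GET /display/PROJ/Budget+%24+Q3 HTTP/1.1" 200 8812
198.51.100.7 - - [07/Sep/2021:10:03:44 +0000] "POST /pages/example.action?title=x%5Cu0027%2B%23%7B%40java.lang.Runtime%40getRuntime%28%29%7D HTTP/1.1" 302 0
203.0.113.4 - - [07/Sep/2021:10:04:10 +0000] "GET /rest/api/content?expand=%25%7B1%2B1%7D HTTP/1.1" 400 120
203.0.113.4 - - [07/Sep/2021:10:04:11 +0000] "GET /users/viewuser.action?name=%5Cu0024%5Cu007bfoo%5Cu007d HTTP/1.1" 200 300
"""

REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"'
)

# Generic OGNL / expression-language markers: expression openers, static
# member references (@pkg.Class@member) and the usual code-execution gadgets.
OGNL_MARKERS = re.compile(
    r"[#$%]\{"
    r"|@[A-Za-z_][\w.]*@"
    r"|\bgetRuntime\b|\bProcessBuilder\b|\bgetClass\s*\(\s*\)"
)


def decode(s: str, rounds: int = 3) -> str:
    """Undo (possibly nested) percent-encoding, then Java \\uXXXX escapes.

    Both are routinely used to keep ' { $ # out of naive string filters
    while still reaching the OGNL evaluator intact.
    """
    for _ in range(rounds):
        nxt = unquote(s)
        if nxt == s:
            break
        s = nxt
    return re.sub(r"\\u([0-9a-fA-F]{4})", lambda m: chr(int(m.group(1), 16)), s)


def find_ognl_requests(log_text: str) -> list:
    """One record per log line whose decoded request target carries an OGNL
    indicator, with the decoded target and the sorted indicators matched."""
    hits = []
    for lineno, line in enumerate(log_text.splitlines(), 1):
        m = REQUEST_RE.match(line)
        if not m:
            continue
        decoded = decode(m.group("target"))
        found = sorted(set(OGNL_MARKERS.findall(decoded)))
        if found:
            hits.append({"line": lineno, "ip": m.group("ip"),
                         "method": m.group("method"),
                         "target": decoded, "indicators": found})
    return hits


if __name__ == "__main__":
    for ver in ("7.12.4", "7.12.5", "6.13.22", "7.10.2", "7.13.0"):
        print(f"Confluence {ver}: {'AFFECTED' if is_vulnerable(ver) else 'not affected'}")
    for hit in find_ognl_requests(SAMPLE_LOG):
        print(f"line {hit['line']} {hit['ip']} {hit['method']} {hit['indicators']}")
        print(f"  {hit['target']}")
```

Access logs carry only the request line, so parameters sent in a POST body are invisible to this scan; run the same decode-and-match over proxy or WAF logs that capture request bodies. Neither check substitutes for patching: an unpatched instance that was reachable during the exploitation window should be handled the way the Jenkins team handled theirs, taken offline with its credentials rotated.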


News URL

https://threatpost.com/jenkins-atlassian-confluence-cyberattacks/169249/

Related Vulnerability

DATE        CVE             VULNERABILITY TITLE                                                                                   RISK
2021-08-30  CVE-2021-26084  Expression Language Injection vulnerability in Atlassian Confluence Data Center and Confluence Server  critical (CVSS 9.8)

In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance.

Vendor: Atlassian
Weakness: CWE-917 (Expression Language Injection)
Attack vector: network
Attack complexity: low
Severity: critical, CVSS 9.8

Related vendor

VENDOR     LAST 12M   LOW   MEDIUM   HIGH   CRITICAL   TOTAL VULNS
Jenkins    628        54    1091     358    70         1573
Atlassian  58         56    291      40     34         421