HTTP: Atlassian Confluence Server and Data Center Webwork OGNL Injection
This signature detects attempts to exploit a known vulnerability against Atlassian Confluence Server. A successful attack can lead to command injection and arbitrary code execution.
Extended Description
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are before version 6.13.23, from version 6.14.0 before 7.4.11, from version 7.5.0 before 7.11.6, and from version 7.12.0 before 7.12.5.
Affected Products
Atlassian confluence_server
Short Name
HTTP:CTS:CONFLUENCE-DC-OGNL-INJ
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
Atlassian CVE-2021-26084 Center Confluence Data Injection OGNL Server Webwork and
Release Date
09/08/2021
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3500
False Positive
Unknown
Vendors
Atlassian
CVSS Score
7.5