USCYBERCOM released a public notice on Twitter informing Atlasin users of a large-scale exploitation campaign that is expected to accelerate.
“Please patch immediately if you haven’t already – it can’t wait until after the weekend,” USCYBERCOM Wrote on twitter.
Error, as tracked. CVE-2021-26084., Enables intimidating actors to remotely run arbitrary code on popular workplace collaboration platforms.
Described as the “weakness of an OGNL injection”, the Big Atlasin is present in Confluence Server and Confluence Data Center products, both vulnerable to unverified remote attackers.
With a high CVSS intensity rating of 9.8 out of 10, there was a risk. Reported first On July 27, 2021. However, due to its serious nature, Atlasin did not publish details of its exploitative methods, until it issued a patch on August 25, 2021, last month.
Allegedly, however, the threatening actors began to take advantage of the threat immediately after the patch was released. Threatened intelligence firm Bad Packets. Found out first “Massive scanning and exploitation activity” against host threats in Brazil, China, Hong Kong, Nepal, Romania, Russia and the United States, before Atlasin updated its consulting alert users about the attack.
“This vulnerability is being exploited in the wild. Affected servers should be patched up immediately. Atlasin said..
The threat affects the Confluence Server and Data Center version before version 6.13.23, before version 6.14.0 to 7.4.11, before version 7.5.0 to 7.11.6 and before version 7.12.0 to 7.12.5 ۔