Palo Alto Networks

Atlassian Confluence

CVE-2021-26084 Linux Exploitation in the Wild

Recently, a new OGNL (Object-Graph Navigation Language) expression injection vulnerability was discovered in the Atlassian Confluence framework. OGNL expression evaluation can lead to arbitrary code execution, as was seen in the past with a similar Apache Struts vulnerability (CVE-2019-0230), and this case is no different.

To protect Linux hosts, Cortex XDR added a dedicated module to detect and prevent Java deserialization vulnerabilities and vulnerabilities such as tho...

Sep 24, 2021

Subscribe to Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.