Palo Alto Networks


Hunting Confluence Atlassian RCE (CVE-2021-26084) by the Cortex XDR Managed Threat Hunting Experts

On Aug. 25, 2021, Atlassian released a security advisory for an injection vulnerability in Confluence Server and Data Center, CVE-2021-26084. If the vulnerability is exploited, threat actors could bypass authentication and run arbitrary code on unpatched systems.

Since the release of this advisory, mass scanning activity has started to occur, seeking unpatched systems, and in-the-wild exploitation has begun....

Sep 14, 2021

Subscribe to Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.