DEV Community

Cover image for CVE-2021-26084: Atlassian Confluence Server and Data Center Object-Graph Navigation Language (OGNL) Injection Vulnerability
Freedom Coder
Freedom Coder

Posted on • Originally published at scyscan.com

CVE-2021-26084: Atlassian Confluence Server and Data Center Object-Graph Navigation Language (OGNL) Injection Vulnerability

#atlassian #confluenceserveranddatacenter #cybersecurity #vulnerability

CVE ID

CVE-2021-26084

Vulnerability Name

Atlassian Confluence Server and Data Center Object-Graph Navigation Language (OGNL) Injection Vulnerability

  • Project: Atlassian
  • Product: Confluence Server and Data Center

Date

  • Date Added: 2021-11-03
  • Due Date: 2021-11-17

Description

Atlassian Confluence Server and Data Server contain an Object-Graph Navigation Language (OGNL) injection vulnerability that may allow an unauthenticated attacker to execute code.

Known To Be Used in Ransomware Campaigns?

Known

Action

Apply updates per vendor instructions.

Additional Notes

https://nvd.nist.gov/vuln/detail/CVE-2021-26084

Related Security News

More CVEs Info

Common Vulnerabilities & Exposures (CVE) List

Top comments (0)