/plushcap/analysis/cloudflare/how-cloudflare-helped-mitigate-the-atlassian-confluence-ognl-vulnerability-before-the-poc-was-released

How Cloudflare helped mitigate the Atlassian Confluence OGNL vulnerability before the PoC was released

What's this blog post about?

On August 25, 2021, Atlassian issued a security advisory for their Confluence Server and Data Center due to an Object-Graph Navigation Language (OGNL) injection vulnerability that could allow unauthenticated attackers to execute arbitrary code. A full proof of concept (PoC) was made available by a security researcher on August 31, 2021. Cloudflare reviewed the PoC and prepared a mitigation rule via an emergency release, which was deployed on September 1, 2021. The new rule automatically protected all customers using the Cloudflare WAF to protect their self-hosted Confluence applications. Additionally, the Cloudflare WAF started blocking a high number of potentially malicious requests to Confluence applications even before the rule was deployed. Customers must update their self-hosted Confluence installations to ensure full protection from this critical vulnerability (CVE-2021-26084).

Company
Cloudflare

Date published
Sept. 8, 2021

Author(s)
Michael Tremante

Word count
929

Language
English

Hacker News points
6


By Matt Makai. 2021-2024.