CVE-2021-26084 - Atlassian Confluence Server and Data Center Object-Graph Navigation Language (OGNL) Injection Vulnerability
Project:Atlassian
Product:Confluence Server and Data Center
Date Added:2021-11-03Due Date:2021-11-17
Vulnerability Name
Atlassian Confluence Server and Data Center Object-Graph Navigation Language (OGNL) Injection Vulnerability
Description
Atlassian Confluence Server and Data Server contain an Object-Graph Navigation Language (OGNL) injection vulnerability that may allow an unauthenticated attacker to execute code.
Known To Be Used in Ransomware Campaigns?
Known
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-26084