The U.S. Cyber Command warns of ongoing mass exploitation attempts targeting a now-patched critical security vulnerability affecting Atlassian Confluence deployments. The vulnerability could be abused by unauthenticated attackers to take control of a vulnerable system. The Australian company rolled out security updates on August 25 for an OGNL (Object-Graph Navigation Language) injection flaw that, in specific instances, could be exploited to execute arbitrary code on a Confluence Server or Data Center instance. The flaw has been assigned the identifier CVE-2021-26084 and has been addressed in the following versions.”]
Source: https://thehackernews.com/2021/09/us-cyber-command-warns-of-ongoing.html