Original release date: September 3, 2021
On August 25, 2021, Atlassian released security updates to address a remote code execution vulnerability (CVE-2021-26084) affecting Confluence Server and Data Center. Recently, CVE-2021-26084 has been detected in exploits in the wild. A remote attacker could exploit this vulnerability to take control of an affected system.
CISA urges users and administrators to review Atlassian Security Advisory 2021-08-25 and immediately apply the necessary updates.