Forum Discussion
samstep
Cirrocumulus
CirrocumulusAtlassian Confluence Critical CVE-2021-26084 Mitigation with F5 ASM / F5 WAF
The Confluence CVE-2021-26084 critical vulnerability is in active exploitation, quick mitigation on ASM is to add the following URL to the Disallowed URL: /pages/createpage-entervariables.action...
samstepCirrocumulus
CirrocumulusThis is how attackers currently bypass WAF:
https://twitter.com/Jok3rDb/status/1434099427862482952
The "quick mitigation" on ASM is to
Disallow URL:
/pages/createpage-entervariables.action
