Forum Discussion

Cirrocumulus

Sep 05, 2021

Atlassian Confluence Critical CVE-2021-26084 Mitigation with F5 ASM / F5 WAF

The Confluence CVE-2021-26084 critical vulnerability is in active exploitation, quick mitigation on ASM is to add the following URL to the Disallowed URL: /pages/createpage-entervariables.action...

ASM Advanced WAF

security

samstep

Cirrocumulus

Sep 05, 2021

This is how attackers currently bypass WAF:

https://twitter.com/Jok3rDb/status/1434099427862482952

The "quick mitigation" on ASM is to

Disallow URL:

/pages/createpage-entervariables.action

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Atlassian Confluence Critical CVE-2021-26084 Mitigation with F5 ASM / F5 WAF

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Cisco TACACS+ Config on ISE LTM Pair

iRule causing requests to be duplicated (sometimes)

SSL Bridging and FQDN rewrite Policy

How can I get started with iCall

Checking for X-Forwarded-For against an Address Data-Group

Related Content

F5 Distributed Cloud L3-L7 DDoS Mitigation

Mitigating Log4j Vulnerability using F5 BIG-IP

Realtime DoS mitigation with VELOS BX520 Blade

DNS Tunnel Mitigation v2

Mitigating OWASP API Security risks using BIG-IP

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS