Forum Discussion

samstep's avatar
samstep
Icon for Cirrocumulus rankCirrocumulus
Sep 05, 2021

Atlassian Confluence Critical CVE-2021-26084 Mitigation with F5 ASM / F5 WAF

The Confluence CVE-2021-26084 critical vulnerability is in active exploitation, quick mitigation on ASM is to add the following URL to the Disallowed URL:

/pages/createpage-entervariables.action

Make sure that you enable blocking on the 'Ilegal URL' violation.

Patch/update your Confluence:

Link to Confluence Security Advisory - 2021-08-25:

https://confluence.atlassian.com/doc/confluence-security-advisory-2021-08-25-1077906215.html