Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

Atlassian Confluence Critical CVE-2021-26084 Mitigation with F5 ASM / F5 WAF

samstep
Cirrostratus
Cirrostratus

‎05-Sep-2021 08:37 - last edited on ‎04-Jun-2023 19:18 by Fog

The Confluence CVE-2021-26084 critical vulnerability is in active exploitation, quick mitigation on ASM is to add the following URL to the Disallowed URL:

/pages/createpage-entervariables.action

Make sure that you enable blocking on the 'Ilegal URL' violation.

Patch/update your Confluence:

Link to Confluence Security Advisory - 2021-08-25:

https://confluence.atlassian.com/doc/confluence-security-advisory-2021-08-25-1077906215.html

Labels:
0 Kudos
1 REPLY 1

samstep
Cirrostratus
Cirrostratus

‎05-Sep-2021 08:39 - last edited on ‎04-Jun-2023 19:18 by Fog

This is how attackers currently bypass WAF:

https://twitter.com/Jok3rDb/status/1434099427862482952

The "quick mitigation" on ASM is to

Disallow URL:

/pages/createpage-entervariables.action
0 Kudos
Copyright © 2023 Khoros, LLC