High-target vulnerabilities leading to information disclosure.
According to FortiGuard Labs researchers, both vulnerabilities can lead to information disclosure. CVE-2021-26085 in Atlassian Confluence Server allows remote attackers to view restricted resources through a Pre-Authorization Arbitrary File Read vulnerability in the /s/ endpoint. CVE-2021-26086 in Atlassian Jira Server and Data Center allows remote attackers to read particular files through a path traversal vulnerability in the /WEB-INF/web.xml endpoint.
Common Vulnerabilities and Exposures
Background
Atlassian released advisories for CVE-2021-26085 and CVE-2021-26086 on July 21 and August 21, 2021 respectively. Both CVEs have a Medium severity base score of 5.3; nevertheless, affected software and server versions should be upgraded to the fixed versions recommended by the vendor if this has not already been done.
Latest Development
Recent news and incidents related to cybersecurity threats encompassing various events such as data breaches, cyber-attacks, security incidents, and vulnerabilities discovered.
March 28, 2022: CVE-2021-26085 is added to CISA's Known Exploited Vulnerabilities Catalog.
Based on FortiGuard telemetry, the two CVEs have been a popular target for attackers. The statistics show a considerably high number of attack detections, at times reaching up to 15,000 devices per day. The detected attacks are blocked by the FortiGuard IPS signature "Atlassian.Server.S.Endpoint.Information.Disclosure".
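For defenders who cannot rely on an inline IPS alone, the same class of activity can be triaged from web server access logs. The following is an added example written for this page, not FortiGuard's signature logic or Atlassian code. It parses constructed combined-format log lines, percent-decodes request paths (including double encoding), and flags requests that contain a literal ".." segment after decoding or that reach into WEB-INF or META-INF, the two traits shared by the file-read and path-traversal issues described above. The IP addresses, timestamps and paths in SAMPLE_LOG are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Constructed sample access-log lines in combined-log style. These are
# illustrative only and are not telemetry from the alert.
SAMPLE_LOG = """\
203.0.113.10 - - [28/Mar/2022:10:01:02 +0000] "GET /s/1234/_/images/logo.png HTTP/1.1" 200 1532
203.0.113.11 - - [28/Mar/2022:10:01:05 +0000] "GET /s/..%2f..%2fWEB-INF/web.xml HTTP/1.1" 200 8841
203.0.113.12 - - [28/Mar/2022:10:01:09 +0000] "GET /rest/api/2/issue/PROJ-1 HTTP/1.1" 200 2210
203.0.113.13 - - [28/Mar/2022:10:02:14 +0000] "GET /s/%252e%252e/%252e%252e/WEB-INF/web.xml HTTP/1.1" 404 321
203.0.113.14 - - [28/Mar/2022:10:02:30 +0000] "GET /images/icons/..%2f..%2fadmin/config.properties HTTP/1.1" 403 210
203.0.113.15 - - [28/Mar/2022:10:03:01 +0000] "GET /WEB-INF/web.xml HTTP/1.1" 404 321
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)'
)

# Directories that a servlet container must never serve to clients.
SENSITIVE_DIRS = ("web-inf", "meta-inf")


def normalize_path(target: str) -> str:
    """Strip the query string, percent-decode repeatedly (defeats double
    encoding such as %252e), and unify backslashes to forward slashes."""
    path = target.split("?", 1)[0]
    for _ in range(3):  # bounded loop: stop once decoding changes nothing
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path.replace("\\", "/")


def classify_path(target: str) -> list:
    """Return the reasons a request path looks like a file-read attempt."""
    segments = normalize_path(target).lower().split("/")
    reasons = []
    if ".." in segments:
        reasons.append("traversal")           # literal '..' segment after decoding
    if any(seg in SENSITIVE_DIRS for seg in segments):
        reasons.append("sensitive-resource")  # path reaches into WEB-INF / META-INF
    return reasons


def scan_log(text: str) -> list:
    """Parse each line and return findings for requests worth reviewing."""
    findings = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # unparsable line: skip rather than abort the scan
        reasons = classify_path(m["target"])
        if not reasons:
            continue
        # A 200 on a sensitive resource means content was actually served.
        served = "sensitive-resource" in reasons and m["status"] == "200"
        findings.append({
            "ip": m["ip"],
            "path": normalize_path(m["target"]),
            "status": int(m["status"]),
            "reasons": reasons,
            "severity": "high" if served else "medium",
        })
    return findings


if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        print(f"{f['severity']:<6} {f['ip']:<14} {f['status']} {f['path']}  ({', '.join(f['reasons'])})")
```

Run against the constructed sample it reports four of the six requests; the one that both traverses and received a 200 is ranked high because the server actually returned the file, while 403/404 responses indicate attempts that were refused and are ranked medium. Decoding before matching matters: a filter that inspects the raw request line would miss the %252e double-encoded variant.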
FortiGuard Cybersecurity Framework
Mitigate security threats and vulnerabilities by leveraging the range of FortiGuard Services.
- IPS
- Web App Security
- Application Firewall
- Outbreak Detection
- Threat Hunting
- Content Update