Latest Atlassian Confluence Flaw Exploited to Breach Jenkins Project Server

Technology

The maintainers of Jenkins—a popular open-source automation server software—have disclosed a security breach after unidentified threat actors gained access to one of their servers by exploiting a recently disclosed vulnerability in Atlassian Confluence service to install a cryptocurrency miner.

The “successful attack,” which is believed to have occurred last week, was mounted against its Confluence service that had been deprecated since October 2019, leading the team to take the server offline, rotate privileged credentials, and reset passwords for developer accounts.

“At this time we have no reason to believe that any Jenkins releases, plugins, or source code have been affected,” the company said in a statement published over the weekend.

The disclosure comes as the U.S. Cyber Command warned of ongoing mass exploitation attempts in the wild targeting a now-patched critical security vulnerability affecting Atlassian Confluence deployments.

Tracked as CVE-2021-26084 (CVSS score: 9.8), the flaw concerns an OGNL (Object-Graph Navigation Language) injection flaw that, in specific instances, could be exploited to execute arbitrary code on a Confluence Server or Data Center instance.

According to cybersecurity firm Censys, a search engine for finding internet devices, around 14,637 exposed and vulnerable Confluence servers were discovered right before details about the flaw became public on August 25, a number that has since dropped to 8,597 as of September 5 as companies continue to apply Atlassian’s patches and pull afflicted servers from being reachable over the internet.

Products You May Like

Articles You May Like

How to Watch Gladiator Movies (2024): Stream Online, Download, Blu-ray
Billie Lourd Mourns Mom Carrie Fisher After Death: ‘Emotional Storm’
Trump meets TikTok CEO, Supreme Court asked to block app ban
The Hunting Party Teases The Hunt for The World’s Most Dangerous Criminals in NBC’s Teaser Trailer
Ruijie Networks’ Cloud Platform Flaws Could Expose 50,000 Devices to Remote Attacks