Emerging Threats
CVE2021
CVE-2021-26084
2Rules
6References
1Folders
2023-03-24Latest
Summary
CVE-2021-26084 is tracked here through 2 Sigma detections for exploitation attempts and related post-exploitation behavior observed in 2021. Coverage centers on webserver, windows / process_creation.
Related Detections
Search this threatEmerging Threathightest
Potential CVE-2021-26084 Exploitation Attempt
Detects potential exploitation of CVE-2021-260841 a Confluence RCE using OGNL injection
Web Server Log
TA0001 · Initial AccessT1190 · Exploit Public-Facing Applicationcve.2021-26084detection.emerging-threats
Sittikorn S+1Tue Dec 132021
Emerging Threathightest
Potential Atlassian Confluence CVE-2021-26084 Exploitation Attempt
Detects spawning of suspicious child processes by Atlassian Confluence server which may indicate successful exploitation of CVE-2021-26084
WindowsProcess Creation
TA0001 · Initial AccessTA0002 · ExecutionT1190 · Exploit Public-Facing ApplicationT1059 · Command and Scripting Interpreter+2
Bhabesh RajWed Sep 082021
References