How to deal with CVE-2021-26084

Hello,

we have bought a license for Confluence server, but since Atlassian ended the development of this product, we do not pay the maintenance anymore.

Recently, it has come to our knowledge that there is a critical security bug in your product, addressable as CVE-2021-26084, which could cause severe damage to our company.

It is not possible for us to upgrade to newer version not we want or can migrate to cloud due to our internal security protocols.

We need an official statement how to deal with this problem, as soon as possible. We believe that security issues like this must be possible to fix even without paid maintenance, since without it your product cannot be used anymore.

Thank you,

Kind Regards,

Petr Vokoun

1 answer

1 accepted

1 vote

Answer accepted

Hi @petrvokoun ,

here an official statement provided by Atlassian https://confluence.atlassian.com/doc/confluence-security-advisory-2021-08-25-1077906215.html

If you can't upgrade your current Confluence , you can mitigate that issue through the workaround provided by Atlassian in that article.

Hope this helps,

Fabio

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Hi Fabio,

we will try it asap. Thanks a lot!

Petr

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

You're welcome @petrvokoun .

Please accept my answer so that this thread can be considered closed.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Like • like this

Suggest an answer

Was this helpful?

Thanks!

Confluence

Forums

Product Q&A

Community resources

Support

Top groups

Community resources

Support

Learn

Community resources

Support

Events

Community resources

Support

How to deal with CVE-2021-26084