<h1>Update your Confluence server now</h1>
<p>Published 2021-09-08 on the Kaspersky Daily blog (Turkish edition): <a href="https://www.kaspersky.com.tr/blog/confluence-server-cve-2021-26084/9999/">https://www.kaspersky.com.tr/blog/confluence-server-cve-2021-26084/9999/</a></p>
<p>At the end of August, Atlassian, the company behind tools such as Jira, Confluence and Hipchat, announced that it had released an update fixing <a href="https://jira.atlassian.com/browse/CONFSERVER-67940" target="_blank" rel="noopener nofollow">CVE-2021-26084</a>, a vulnerability in its enterprise wiki product Confluence. Since then, security researchers have observed <a href="https://searchsecurity.techtarget.com/news/252506129/Atlassian-Confluence-flaw-under-active-attack" target="_blank" rel="noopener nofollow">mass scanning for vulnerable Confluence servers and active exploitation attempts</a>. We recommend that every Confluence Server administrator <a href="https://www.atlassian.com/software/confluence/download-archives" target="_blank" rel="noopener nofollow">install the update</a> as soon as possible.</p>
<h2>What is CVE-2021-26084?</h2>
<p>CVE-2021-26084 is a vulnerability arising from the use of Object-Graph Navigation Language (OGNL) in Confluence's tag system.
It allows an attacker to inject OGNL expressions and thereby execute arbitrary code on the machine running Confluence Server or Confluence Data Center. In some cases even an unauthenticated user can exploit the flaw (for example, when the <em>Allow people to sign up to create their account</em> option is enabled).</p>
<p>Atlassian rates the vulnerability as critical. It carries a CVSS score of 9.8, and several <a href="https://encyclopedia.kaspersky.com/glossary/poc-proof-of-concept/" target="_blank" rel="noopener">proof-of-concept exploits</a> are already available online, including one that achieves <a href="https://encyclopedia.kaspersky.com/glossary/remote-code-execution-rce/" target="_blank" rel="noopener">remote code execution</a> (RCE).</p>
<h2>Which versions of Confluence are vulnerable?</h2>
<p>The situation is a little complicated. Atlassian's customers run many different Confluence versions, and they do not always update promptly. According to Atlassian's official advisory, the company has released fixed versions 6.13.23, 7.4.11, 7.11.6, 7.12.5 and 7.13.0.
That leaves every Confluence Server release before 6.13.23 vulnerable, along with 6.14.0 up to (but not including) 7.4.11, 7.5.0 up to (but not including) 7.11.6, and 7.12.0 up to (but not including) 7.12.5. Confluence Cloud customers are not affected.</p>
<h2>How to protect yourself</h2>
<p>Atlassian recommends upgrading to the latest Confluence release, 7.13.0. If that is not possible, users on the 6.13.<em>x</em> branch should update to 6.13.23, 7.4.<em>x</em> users to 7.4.11, 7.11.<em>x</em> users to 7.11.6 and 7.12.<em>x</em> users to 7.12.5. For those who cannot apply even these branch updates, the company also <a href="https://confluence.atlassian.com/doc/confluence-security-advisory-2021-08-25-1077906215.html" target="_blank" rel="noopener nofollow">offers temporary workarounds</a> for Linux-based and Microsoft Windows-based installations.</p>
<p>Machines running Confluence are endpoints, just like any other server.
And just as with any other server, they need a solid <a href="https://www.kaspersky.com.tr/small-to-medium-business-security?icid=tr_kdailyplacehold_acq_ona_smm__onl_b2b_kasperskydaily_wpplaceholder_______" target="_blank" rel="noopener">security solution</a> that makes arbitrary code execution as hard as possible.</p>
<p>Also bear in mind that if Confluence is reachable only from inside the corporate network, attackers must first gain a foothold on that network to exploit the vulnerability remotely, and experts backed by <a href="https://www.kaspersky.com/enterprise-security/managed-detection-and-response?icid=tr_kdailyplacehold_acq_ona_smm__onl_b2b_kasperskydaily_wpplaceholder_______" target="_blank" rel="noopener nofollow">Managed Detection and Response</a>-class services can spot that kind of suspicious activity.
It is also worth noting that access to Confluence should be restricted so that nobody outside the company can reach internal services.</p>
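<p>To check an installed instance against the version ranges and fixed releases listed above, here is an added example; it is not code from the original post or from Atlassian. It encodes the fixed-version list quoted in this article and, for the HTML helper, assumes that Confluence exposes its build number in an <code>ajs-version-number</code> meta tag on served pages; the sample page in the block is constructed, not a real capture.</p>

```python
"""Assess a Confluence Server / Data Center version against CVE-2021-26084.

Added example (not Atlassian's code). The ranges come from the fixed
versions quoted in the article: 6.13.23, 7.4.11, 7.11.6, 7.12.5 and 7.13.0.
"""
import re
from typing import Optional, Tuple

Version = Tuple[int, ...]

# Each entry is (first vulnerable version inclusive, first fixed version in
# that branch). A lower bound of None means "every release before the fix".
FIXED_RANGES = [
    (None, (6, 13, 23)),
    ((6, 14, 0), (7, 4, 11)),
    ((7, 5, 0), (7, 11, 6)),
    ((7, 12, 0), (7, 12, 5)),
]
LATEST = (7, 13, 0)  # the release Atlassian recommends upgrading to

# Assumption: Confluence pages carry the build version in this meta tag.
META_RE = re.compile(
    r'<meta\s+name="ajs-version-number"\s+content="([^"]+)"', re.IGNORECASE
)

# Constructed sample of a Confluence login page head, not a real capture.
SAMPLE_LOGIN_PAGE = """<html><head>
<meta name="ajs-version-number" content="7.12.4">
<meta name="ajs-build-number" content="8703">
</head><body>Log in</body></html>"""


def parse_version(text: str) -> Version:
    """Turn '7.12.4' into (7, 12, 4); reject anything that is not dotted digits.

    Short forms such as '7.13' are padded to three components so that tuple
    comparison against the range table behaves ('7.13' == (7, 13, 0)).
    """
    m = re.fullmatch(r"\s*(\d+(?:\.\d+)*)\s*", text)
    if not m:
        raise ValueError(f"not a Confluence version string: {text!r}")
    parts = tuple(int(p) for p in m.group(1).split("."))
    return parts + (0,) * max(0, 3 - len(parts))


def fmt(v: Version) -> str:
    return ".".join(str(x) for x in v)


def assess(version_text: str) -> dict:
    """Report whether a version is vulnerable and which fixed release applies.

    'branch_fix' is the first fixed release of the range the version falls in
    (None when not vulnerable); 'latest' is always 7.13.0, the recommended
    target. Releases that already sit at or past a branch fix (e.g. 7.4.12)
    fall between ranges and are reported as not vulnerable.
    """
    v = parse_version(version_text)
    for low, fixed in FIXED_RANGES:
        if (low is None or v >= low) and v < fixed:
            return {"version": fmt(v), "vulnerable": True,
                    "branch_fix": fmt(fixed), "latest": fmt(LATEST)}
    return {"version": fmt(v), "vulnerable": False,
            "branch_fix": None, "latest": fmt(LATEST)}


def version_from_html(html: str) -> Optional[str]:
    """Pull the build version out of a served Confluence page, if present."""
    m = META_RE.search(html)
    return m.group(1) if m else None


if __name__ == "__main__":
    # Stand-alone run: assess the constructed sample page plus a few fixed
    # strings, e.g. as you would after `curl -s https://confluence.example/login.action`.
    found = version_from_html(SAMPLE_LOGIN_PAGE)
    for candidate in [found, "6.13.22", "7.4.12", "7.13.0"]:
        print(assess(candidate))
```

<p>Feed <code>version_from_html</code> the body of the login page of each instance you own and act on <code>branch_fix</code>; an instance whose page carries no version tag (some deployments strip it) should be checked from the admin console instead, and a <code>ValueError</code> from <code>parse_version</code> means the string was not a plain release number.</p>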