Critical Flaw In Confluence Server Let Attackers Execute Arbitrary Code


The widely used team workspace corporate wiki Confluence has been discovered to have a critical remote code execution vulnerability.

This vulnerability has been assigned with CVE-2024-21683 with a severity of 8.3 (High). 

This vulnerability affects multiple versions of Confluence Data Center and server, including Data Center version 8.9.0 and Server versions 8.5.0 through 8.5.8 LTS.

However, this vulnerability has been fixed in the latest versions of Confluence Data Center and Server.

Atlassian Internal discovered this vulnerability, and it has been fixed accordingly.

Free Webinar on Live API Attack Simulation: Book Your Seat | Start protecting your APIs from hackers

Technical Analysis –  CVE-2024-21683

According to the advisory, this vulnerability allows an authenticated attacker to execute arbitrary code in the system that could result in high impact in the CIA (Confidentiality, Integrity and Availability).

Further, this vulnerability does not require any user interaction to be successful.

Atlassian has published no other information about this vulnerability.

However, depending on the description, it can be speculated that this vulnerability was easier for an authenticated attacker to exploit.

The complete details and a proof-of-concept for this vulnerability are yet to be published.

Atlassian recommends its users upgrade their Data Centers and Servers to the latest versions below.

Data Center

Affected versions Fixed versions
8.9.0 8.9.1
from 8.8.0 to 8.8.1 8.9.1
from 8.7.0 to 8.7.2 8.9.1
from 8.6.0 to 8.6.2 8.9.1
from 8.5.0 to 8.5.8 LTS 8.9.1 or 8.5.9 LTS recommended
from 8.4.0 to 8.4.5 8.9.1 or 8.5.9 LTS recommended
from 8.3.0 to 8.3.4 8.9.1 or 8.5.9 LTS recommended
from 8.2.0 to 8.2.3 8.9.1 or 8.5.9 LTS recommended
from 8.1.0 to 8.1.4 8.9.1 or 8.5.9 LTS recommended
from 8.0.0 to 8.0.4 8.9.1 or 8.5.9 LTS recommended
from 7.20.0 to 7.20.3 8.9.1 or 8.5.9 LTS recommended
from 7.19.0 to 7.19.21 LTS 8.9.1 or 8.5.9 LTS recommended or 7.19.22 LTS
from 7.18.0 to 7.18.3 8.9.1 or 8.5.9 LTS recommended or 7.19.22 LTS
from 7.17.0 to 7.17.5 8.9.1 or 8.5.9 LTS recommended or 7.19.22 LTS
Any earlier versions 8.9.1 or 8.5.9 LTS recommended or 7.19.22 LTS

Server

Affected versions Fixed versions
from 8.5.0 to 8.5.8 LTS 8.5.9 LTS recommended
from 8.4.0 to 8.4.5 8.5.9 LTS recommended
from 8.3.0 to 8.3.4 8.5.9 LTS recommended
from 8.2.0 to 8.2.3 8.5.9 LTS recommended
from 8.1.0 to 8.1.4 8.5.9 LTS recommended
from 8.0.0 to 8.0.4 8.5.9 LTS recommended
from 7.20.0 to 7.20.3 8.5.9 LTS recommended
from 7.19.0 to 7.19.21 LTS 8.5.9 LTS recommended or 7.19.22 LTS
from 7.18.0 to 7.18.3 8.5.9 LTS recommended or 7.19.22 LTS
from 7.17.0 to 7.17.5 8.5.9 LTS recommended or 7.19.22 LTS
Any earlier versions 8.5.9 LTS recommended or 7.19.22 LTS

Users of Confluence are advised to upgrade to the latest versions to prevent the exploitation of these vulnerabilities by threat actors.

ANYRUN malware sandbox’s 8th Birthday Special Offer: Grab 6 Months of Free Service



Source link