High Severity RCE Vulnerability Affects Atlassian Confluence Data Center and Server
CVE-2024-21683

CVSS: 8.8 HIGH

Key Information:

Vendor: Atlassian
CVE Published: 21 May 2024

Badges

  • 📈 Trended
  • 📈 Score: 6,450
  • 💰 Ransomware
  • 👾 Exploit Exists
  • 🟡 Public PoC
  • 📰 News Worthy

What is CVE-2024-21683?

CVE-2024-21683 is a high-severity vulnerability affecting Atlassian Confluence Data Center and Server, platforms designed for collaboration and knowledge management within organizations. The vulnerability is classified as Remote Code Execution (RCE) and enables an authenticated attacker to execute arbitrary code on the server. The potential impact is substantial: it threatens the security and integrity of an organization's data and operations, and it allows an attacker who already holds an account to manipulate or steal sensitive information without requiring any interaction from other users.

Technical Details

This RCE vulnerability affects versions of Atlassian Confluence starting from version 5.2. With a CVSS score of 7.2, it represents a significant security concern that attackers could leverage if the software is not updated promptly. The flaw allows authenticated users to run arbitrary code on the server, which compromises the server itself; this is critically concerning for organizations that use these platforms to store and share sensitive information.

Impact of the Vulnerability

  1. Confidentiality Risk: The vulnerability can lead to unauthorized access to sensitive data within the Confluence instance, jeopardizing confidential information stored by the organization.

  2. Integrity Threat: An attacker could modify or delete critical data, undermining the integrity of documents, project records, and essential workflows managed within Confluence.

  3. Availability Issues: By exploiting this vulnerability, attackers can cause service disruptions, rendering the Confluence platform inoperative and preventing legitimate users from accessing vital resources and documents, affecting overall productivity.

Affected Version(s)

  • Confluence Data Center 8.9.0
  • Confluence Data Center 8.8.0 to 8.8.1
  • Confluence Data Center 8.7.1 to 8.7.2

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate that the vulnerability can be exploited. PoC code is also a key component of weaponization, which could lead to ransomware.

News Articles

Atlassian Confluence Flaw Enables Remote Code Execution - Spiceworks

Explore the details of a critical vulnerability in Atlassian Confluence that enables remote code execution. Learn how users can protect their systems with prompt updates.

7 months ago

Vulnerability Recap 6/10/24: RCE Attacks in Major Platforms

Explore recent RCE attacks and other vulnerabilities on major platforms. Stay updated on the latest fixes.

7 months ago

Week in review: Atlassian Confluence RCE PoC, new Kali Linux, Patch Tuesday forecast - Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: High-risk Atlassian Confluence RCE fixed, PoC available

8 months ago

CVSS V3.1

Score: 8.8
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged

Timeline

  • 🟡 Public PoC available
  • 💰 Used in Ransomware
  • 👾 Exploit known to exist
  • 📈 Vulnerability started trending
  • 📰 First article discovered by GBHackers on Security
  • Vulnerability published

Credit

Atlassian