HomePentest-Tools.com Logo

Atlassian Confluence - Remote Code Execution (CVE-2021-26084)

Severity
CVSSv3 Score
9.8
Vulnerability description

Atlassian Confluence is affected by a Remote Code Execution, located on the createpage-entervariables.action endpoint. Versions lower than 7.12.5 are vulnerable to this OGNL Injection vulnerability. This allows a malicious user to execute arbitrary code on the server.

Risk description

The risk exists that a remote unauthenticated attacker can fully compromise the Confluence Server in order to steal confidential information, install ransomware or pivot to the internal network.

Exploit capabilities

Sniper can gain unauthenticated Remote Code Execution on the target system and extract multiple artefacts as evidence.

Recommendation

Upgrade the Confluence server to a version higher than 7.12.5.

Codename
Not available
Detectable with
Network Scanner
Exploitable with Sniper
Yes
Vuln date
Aug 2021
Published at
Updated at
Software Type
Collaboration software
Vendor
Atlassian
Product
Confluence