Confluence Data Center and Server Remote Code Execution Vulnerability


The SonicWall Capture Labs threat research team became aware of a remote code execution vulnerability in the Atlassian Confluence Data Center and Server, assessed its impact and developed mitigation measures.

Confluence Server is a software to manage documentation and knowledge bases with an ubiquitous presence across the globe. Identified as CVE-2024-21683, Confluence Data Center and Server before version 8.9.1(data center only), 8.5.9 LTS and 7.19.22 LTS allows an authenticated threat actor with the privilege of adding new macro languages to execute arbitrary code, earning a high CVSS score of 8.3. Confluence users are encouraged to upgrade their instances to the latest fixed version, as mentioned by the vendor in the advisory.

Read more…
Source: Sonicwall


Sign up for our Newsletter


Related:

  • Cisco discloses high-severity IP phone bug with exploit code

    December 8, 2022

    Cisco has disclosed today a high-severity vulnerability affecting the latest generation of its IP phones and exposing them to remote code execution and denial of service (DoS) attacks. The company warned on Thursday that its Product Security Incident Response Team (PSIRT) is “aware that proof-of-concept exploit code is available” and that the “vulnerability has been publicly ...

  • Internet Explorer 0-day exploited by North Korean actor APT37

    December 7, 2022

    To protect our users, Google’s Threat Analysis Group (TAG) routinely hunts for 0-day vulnerabilities exploited in-the-wild. This blog will describe a 0-day vulnerability, discovered by TAG in late October 2022, embedded in malicious documents and used to target users in South Korea. TAG attributes this activity to a group of North Korean government-backed actors known ...

  • CVE-2022-3786 and CVE-2022-3602: OpenSSL X.509 Buffer Overflows

    December 2, 2022

    On November 1, 2022, OpenSSL released a security advisory describing two high severity vulnerabilities within the OpenSSL library (CVE-2022-3786 and CVE-2022-3602). OpenSSL versions from 3.0.0 – 3.0.6 are vulnerable, with 3.0.7 containing the patch for both vulnerabilities. OpenSSL 1.1.1 and 1.0.2 are not affected by this issue. In the days leading up to the security advisory, ...

  • Google Chrome emergency update fixes 9th zero-day of the year

    December 2, 2022

    Google has released Chrome 108.0.5359.94/.95 for Windows, Mac, and Linux users to address a single high-severity security flaw, the ninth Chrome zero-day exploited in the wild patched since the start of the year. “Google is aware of reports that an exploit for CVE-2022-4262 exists in the wild,” the search giant said in a security advisory published ...

  • New details on commercial spyware vendor Variston

    November 30, 2022

    Threat Analysis Group (TAG) has been tracking the activities of commercial spyware vendors for years, using our research to improve the safety and security of Google’s products and share intelligence with our industry peers. TAG’s research underscores that the commercial surveillance industry is thriving and has expanded significantly in recent years, creating risk for Internet ...

  • Cloudflare finds a way through China’s network defences

    November 30, 2022

    Cloudflare has found a way to extend some of its services across the Great Firewall and into mainland China. “Performance and reliability for traffic flows across the mainland China border have been a consistent challenge for IT teams within multinational organizations,” wrote product managers Kyle Krum and Annika Garbers. “Packets crossing the China border often experience ...