Confluence Data Center and Server Remote Code Execution Vulnerability


The SonicWall Capture Labs threat research team became aware of a remote code execution vulnerability in the Atlassian Confluence Data Center and Server, assessed its impact and developed mitigation measures.

Confluence Server is a software to manage documentation and knowledge bases with an ubiquitous presence across the globe. Identified as CVE-2024-21683, Confluence Data Center and Server before version 8.9.1(data center only), 8.5.9 LTS and 7.19.22 LTS allows an authenticated threat actor with the privilege of adding new macro languages to execute arbitrary code, earning a high CVSS score of 8.3. Confluence users are encouraged to upgrade their instances to the latest fixed version, as mentioned by the vendor in the advisory.

Read more…
Source: Sonicwall


Sign up for our Newsletter


Related:

  • Security advisory accidentally exposes vulnerable systems

    July 6, 2022

    A security advisory for a vulnerability (CVE) published by MITRE has accidentally been exposing links to remote admin consoles of over a dozen vulnerable IP devices since at least April 2022. BleepingComputer became aware of this issue yesterday after getting tipped off by a reader who prefers to remain anonymous. The reader was baffled on seeing ...

  • What to do about inherent security flaws in critical infrastructure?

    July 3, 2022

    The latest threat security research into operational technology (OT) and industrial systems identified a bunch of issues — 56 to be exact — that criminals could use to launch cyberattacks against critical infrastructure. But many of them are unfixable, due to insecure protocols and architectural designs. And this highlights a larger security problem with devices that ...

  • Log4Shell Vulnerability in VMware Leads to Data Exfiltration and Ransomware

    June 28, 2022

    Trend Micro Research recently analyzed several cases of a Log4Shell vulnerability being exploited in certain versions of the software VMware Horizon. After investigating the chain of events, they found that many of these attacks resulted in data being exfiltrated from the infected systems. However, the researchers also found that some of the victims were infected ...

  • 2022 CWE Top 25 Most Dangerous Software Weaknesses

    June 28, 2022

    The Homeland Security Systems Engineering and Development Institute, sponsored by CISA and operated by MITRE, has released the 2022 Common Weakness Enumeration (CWE) Top 25 Most Dangerous Software Weaknesses list. The list uses data from the National Vulnerability Database to compile the most frequent and critical errors that can lead to serious vulnerabilities in software. An ...

  • CISA Adds Eight Known Exploited Vulnerabilities to Catalog  

    June 27, 2022

    CISA has added eight new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly added vulnerabilities in the catalog, click on the arrow in the “Date ...

  • CISA: Malicious Cyber Actors Continue to Exploit Log4Shell in VMware Horizon Systems

    June 23, 2022

    The Cybersecurity and Infrastructure Security Agency (CISA) and United States Coast Guard Cyber Command (CGCYBER) are releasing this joint Cybersecurity Advisory (CSA) to warn network defenders that cyber threat actors, including state-sponsored advanced persistent threat (APT) actors, have continued to exploit CVE-2021-44228 (Log4Shell) in VMware Horizon® and Unified Access Gateway (UAG) servers to obtain initial ...