The SonicWall Capture Labs threat research team became aware of a remote code execution vulnerability in the Atlassian Confluence Data Center and Server, assessed its impact and developed mitigation measures.
Confluence Server is a software to manage documentation and knowledge bases with an ubiquitous presence across the globe. Identified as CVE-2024-21683, Confluence Data Center and Server before version 8.9.1(data center only), 8.5.9 LTS and 7.19.22 LTS allows an authenticated threat actor with the privilege of adding new macro languages to execute arbitrary code, earning a high CVSS score of 8.3. Confluence users are encouraged to upgrade their instances to the latest fixed version, as mentioned by the vendor in the advisory.
Read more…
Source: Sonicwall
Related:
- Update now: Samba prior to 4.13.17 hit with remote root code execution bug
February 1, 2022
Samba has fixed a vulnerability in all versions of its software prior to version 4.13.17 that allowed for a remote actor to execute code as root, thanks to an out-of-bounds heap read write vulnerability. “The specific flaw exists within the parsing of EA metadata when opening files in smbd. Access as a user that has write ...
- CISA adds 8 vulnerabilities to list of actively exploited bugs
January 31, 2022
The US Cybersecurity & Infrastructure Security Agency (CISA) has added eight more flaws to its catalog of exploited vulnerabilities that are known to be used in attacks, and they’re a mix of old and new. The goal of publishing these vulnerabilities is to raise awareness and remind federal organizations of their obligation to apply security updates ...
- Apple Pays $100.5K Bug Bounty for Mac Webcam Hack
January 31, 2022
A researcher who showed Apple how its webcams can be hijacked via a universal cross-site scripting bug (UXSS) Safari bug has been awarded what is reportedly a record $100,500 bug bounty. The bug could be used by an adversary as part of an attack to gain full access to every website ever visited by the ...
- 277,000 routers exposed to Eternal Silence attacks via UPnP
January 31, 2022
A malicious campaign known as ‘Eternal Silence’ is abusing Universal Plug and Play (UPnP) turns your router into a proxy server used to launch malicious attacks while hiding the location of the threat actors. UPnP is a connectivity protocol optionally available in most modern routers that allows other devices on a network to create port forwarding ...
- QNAP warns NAS users of DeadBolt ransomware, urges customers to update
January 27, 2022
Taiwanese network-attached storage giant QNAP urged its customers to update their systems this week after the DeadBolt ransomware was discovered targeting all NAS instances exposed to the internet. “QNAP urges all QNAP NAS users to follow the security setting instructions below to ensure the security of QNAP NAS and routers, and immediately update QTS to the ...
- Vulnerability in Apple iOS, iPad OS and MacOS could lead to disclosure of sensitive memory data
January 25, 2022
Cisco Talos recently discovered an out-of-bounds read vulnerability in Apple’s macOS and iOS operating systems that could lead to the disclosure of sensitive memory content. An attacker could capitalize on that information to aid in the exploitation of other vulnerabilities This vulnerability specifically exists in the DDS image parsing functionality of Apple’s ImageIO library that exists ...

