Confluence Data Center and Server Remote Code Execution Vulnerability


The SonicWall Capture Labs threat research team became aware of a remote code execution vulnerability in the Atlassian Confluence Data Center and Server, assessed its impact and developed mitigation measures.

Confluence Server is a software to manage documentation and knowledge bases with an ubiquitous presence across the globe. Identified as CVE-2024-21683, Confluence Data Center and Server before version 8.9.1(data center only), 8.5.9 LTS and 7.19.22 LTS allows an authenticated threat actor with the privilege of adding new macro languages to execute arbitrary code, earning a high CVSS score of 8.3. Confluence users are encouraged to upgrade their instances to the latest fixed version, as mentioned by the vendor in the advisory.

Read more…
Source: Sonicwall


Sign up for our Newsletter


Related:

  • CISA Binding Operational Directive 22-01 – Reducing the Significant Risk of Known Exploited Vulnerabilities

    November 3, 2021

    A binding operational directive is a compulsory direction to federal, executive branch, departments and agencies for purposes of safeguarding federal information and information systems. Section 3553(b)(2) of title 44, U.S. Code, authorizes the Secretary of the Department of Homeland Security (DHS) to develop and oversee the implementation of binding operational directives. Federal agencies are required to comply ...

  • CISA: Critical RCE Vulnerability in Discourse

    October 24, 2021

    Discourse—an open source discussion platform—has released a security advisory to address a critical remote code execution (RCE) vulnerability (CVE-2021-41163) in Discourse versions 2.7.8 and earlier. CISA urges developers to update to patched versions 2.7.9 or later or apply the necessary workarounds. Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency  

  • How your phone, laptop, or watch can be tracked by their Bluetooth transmissions

    October 22, 2021

    Over the past few years, mobile devices have become increasingly chatty over the Bluetooth Low Energy (BLE) protocol and this turns out to be a somewhat significant privacy risk. Seven boffins at University of California San Diego – Hadi Givehchian, Nishant Bhaskar, Eliana Rodriguez Herrera, Héctor Rodrigo López Soto, Christian Dameff, Dinesh Bharadia, and Aaron Schulman ...

  • Attackers Are Taking Advantage of the Open-Source Service Interactsh for Malicious Purposes

    October 14, 2021

    Recently, Unit 42 has observed active exploits related to an open-source service called Interactsh. This tool can generate specific domain names to help its users test whether an exploit is successful. It can be used by researchers – but also by attackers – to validate vulnerabilities via real-time monitoring on the trace path for the ...

  • MysterySnail attacks IT companies, defence contractors and diplomatic entities with Windows zero-day

    October 12, 2021

    In late August and early September 2021, Kaspersky technologies detected attacks with the use of an elevation of privilege exploit on multiple Microsoft Windows servers. The exploit had numerous debug strings from an older, publicly known exploit for vulnerability CVE-2016-3309, but closer analysis revealed that it was a zero-day. We discovered that it was using ...

  • Apple Releases Urgent iOS Updates to Patch New Zero-Day Bug

    October 12, 2021

    Apple on Monday rushed out a security update for iOS 15.0.2 and iPadOS 15.0.2 to fix a remote code-execution (RCE) zero-day vulnerability that’s being actively exploited. Within hours, a security researcher had picked the bug apart and published both proof-of-concept code and an explanation of the vulnerability, meaning that now’s a really good time to update ...