Lucene search
K

CVE-2024-21683

🗓️ 21 May 2024 23:00:00Reported by atlassianType 
cve
 cve
🔗 web.nvd.nist.gov📰️ 1 Media mentions👁 489 Views🌐 WEB

High severity RCE vulnerability in Confluence 5.2, requires immediate patchin

Related
Detection
Affected
Refs
Paths
Social
NVD
Node
atlassianconfluence_serverRange7.19.07.19.24lts
OR
atlassianconfluence_serverRange7.20.07.20.3
OR
atlassianconfluence_serverRange8.0.08.0.4
OR
atlassianconfluence_serverRange8.1.08.1.4
OR
atlassianconfluence_serverRange8.2.08.2.3
OR
atlassianconfluence_serverRange8.3.08.3.4
OR
atlassianconfluence_serverRange8.4.08.4.5
OR
atlassianconfluence_serverRange8.5.08.5.11lts
OR
atlassianconfluence_serverRange8.6.08.6.2
OR
atlassianconfluence_serverRange8.9.08.9.2
OROROROR
Node
atlassianfisheyeRange4.8.04.8.15
Node
atlassiancrucibleRange4.8.04.8.15
Node
atlassianjira_data_centerRange9.4.09.4.21lts
OR
atlassianjira_data_centerRange9.12.09.12.8lts
Node
atlassianjira_serverRange9.4.09.4.21lts
OR
atlassianjira_serverRange9.12.09.12.8lts
Node
atlassianjira_service_managementRange5.4.05.4.21data_center
OR
atlassianjira_service_managementRange5.12.05.12.8data_center
OR
atlassianjira_service_managementRange5.15.25.16.0data_center
Node
atlassianjira_service_managementRange5.4.05.4.21server
OR
atlassianjira_service_managementRange5.12.05.12.8server
OR
[
  {
    "vendor": "Atlassian",
    "product": "Confluence Data Center",
    "versions": [
      {
        "version": "8.9.0",
        "status": "affected"
      },
      {
        "version": "8.8.0 to 8.8.1",
        "status": "affected"
      },
      {
        "version": "8.7.1 to 8.7.2",
        "status": "affected"
      },
      {
        "version": "8.6.0 to 8.6.2",
        "status": "affected"
      },
      {
        "version": "8.5.0 to 8.5.8",
        "status": "affected"
      },
      {
        "version": "8.4.0 to 8.4.5",
        "status": "affected"
      },
      {
        "version": "8.3.0 to 8.3.4",
        "status": "affected"
      },
      {
        "version": "8.2.0 to 8.2.3",
        "status": "affected"
      },
      {
        "version": "8.1.0 to 8.1.4",
        "status": "affected"
      },
      {
        "version": "8.0.0 to 8.0.4",
        "status": "affected"
      },
      {
        "version": "7.20.0 to 7.20.3",
        "status": "affected"
      },
      {
        "version": "7.19.0 to 7.19.21",
        "status": "affected"
      },
      {
        "version": "8.9.1 to 8.9.2",
        "status": "unaffected"
      },
      {
        "version": "8.5.9 to 8.5.10",
        "status": "unaffected"
      },
      {
        "version": "7.19.22 to 7.19.23",
        "status": "unaffected"
      }
    ]
  }
]
ParameterPositionPathDescriptionCWE
atl_tokenupload dataadmin/plugins/newcode/addlanguage.actionAuthenticated admin can upload a code-macro language file which can be crafted to execute arbitrary code on the server (RCE).CWE-94
languageFileupload dataadmin/plugins/newcode/addlanguage.actionAuthenticated admin can upload a code-macro language file which can be crafted to execute arbitrary code on the server (RCE).CWE-94
newLanguageNameupload dataadmin/plugins/newcode/addlanguage.actionAuthenticated admin can upload a code-macro language file which can be crafted to execute arbitrary code on the server (RCE).CWE-94
atl_tokennestedadmin/plugins/newcode/configure.actionEndpoint used to configure and upload a new code macro language (part of the exploit workflow for RCE).CWE-94
languageFilenestedadmin/plugins/newcode/configure.actionEndpoint used to configure and upload a new code macro language (part of the exploit workflow for RCE).CWE-94
newLanguageNamenestedadmin/plugins/newcode/configure.actionEndpoint used to configure and upload a new code macro language (part of the exploit workflow for RCE).CWE-94
operating.systemnestedadmin/systeminfo.actionEndpoint used to retrieve host OS information as part of choosing shell payload (win vs nix).CWE-94
fileupload datauploadGeneric PoC payload upload to trigger remote code execution via uploaded exploit content.CWE-94

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation