Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2024-21683

🗓️ 21 May 2024 23:00:00Reported by atlassianType 
cve
 cve🔗 web.nvd.nist.gov📰️ 1 Media mentions👁 477 Views🌐 WEB

High severity RCE vulnerability in Confluence 5.2, requires immediate patchin

Related
Detection
Affected
Refs
Paths
Social
ReporterTitlePublishedViews
Family
GithubExploit		Exploit for Code Injection in Atlassian Confluence_Data_Center
29 Nov 202413:27
githubexploit
GithubExploit		Exploit for Code Injection in Atlassian Confluence_Data_Center
4 Jun 202412:00
githubexploit
GithubExploit		Exploit for Code Injection in Atlassian Confluence_Data_Center
24 May 202405:38
githubexploit
GithubExploit		Exploit for Code Injection in Atlassian Confluence_Data_Center
23 May 202402:10
githubexploit
GithubExploit		Exploit for Code Injection in Atlassian Confluence_Data_Center
27 May 202411:14
githubexploit
GithubExploit		Exploit for Code Injection in Atlassian Confluence_Data_Center
23 May 202409:05
githubexploit
0day.today		Atlassian Confluence Administrator Code Macro Remote Code Execution Exploit
15 Jul 202400:00
zdt
BDU FSTEC		The vulnerability of the Atlassian Confluence Server web server and the Confluence Data Center’s date processing system, related to errors in handling input data, allows a perpetrator to execute arbitrary code.
24 May 202400:00
bdu_fstec
Circl		CVE-2024-21683
22 May 202416:49
circl
CNNVD		Atlassian Confluence Data Center and Server 安全漏洞
21 May 202400:00
cnnvd
Rows per page
NVD
Node
atlassianconfluence_data_centerRange7.19.07.19.24lts
OR
atlassianconfluence_data_centerRange7.20.07.20.3
OR
atlassianconfluence_data_centerRange8.0.08.0.4
OR
atlassianconfluence_data_centerRange8.1.08.1.4
OR
atlassianconfluence_data_centerRange8.2.08.2.3
OR
atlassianconfluence_data_centerRange8.3.08.3.4
OR
atlassianconfluence_data_centerRange8.4.08.4.5
OR
atlassianconfluence_data_centerRange8.5.08.5.11lts
OR
atlassianconfluence_data_centerRange8.6.08.6.2
OR
atlassianconfluence_data_centerRange8.9.08.9.3
OR
atlassianconfluence_data_centerMatch8.7.1
OR
atlassianconfluence_data_centerMatch8.7.2
OR
atlassianconfluence_data_centerMatch8.8.0
OR
atlassianconfluence_data_centerMatch8.8.1
Node
atlassianconfluence_serverRange7.19.07.19.24lts
OR
atlassianconfluence_serverRange7.20.07.20.3
OR
atlassianconfluence_serverRange8.0.08.0.4
OR
atlassianconfluence_serverRange8.1.08.1.4
OR
atlassianconfluence_serverRange8.2.08.2.3
OR
atlassianconfluence_serverRange8.3.08.3.4
OR
atlassianconfluence_serverRange8.4.08.4.5
OR
atlassianconfluence_serverRange8.5.08.5.11lts
OR
atlassianconfluence_serverRange8.6.08.6.2
OR
atlassianconfluence_serverRange8.9.08.9.2
OR
atlassianconfluence_serverMatch8.7.1
OR
atlassianconfluence_serverMatch8.7.2
OR
atlassianconfluence_serverMatch8.8.0
OR
atlassianconfluence_serverMatch8.8.1
Node
atlassianfisheyeRange4.8.04.8.15
Node
atlassiancrucibleRange4.8.04.8.15
Node
atlassianjira_data_centerRange9.4.09.4.21lts
OR
atlassianjira_data_centerRange9.12.09.12.8lts
Node
atlassianjira_serverRange9.4.09.4.21lts
OR
atlassianjira_serverRange9.12.09.12.8lts
Node
atlassianjira_service_managementRange5.4.05.4.21data_center
OR
atlassianjira_service_managementRange5.12.05.12.8data_center
OR
atlassianjira_service_managementRange5.15.25.16.0data_center
Node
atlassianjira_service_managementRange5.4.05.4.21server
OR
atlassianjira_service_managementRange5.12.05.12.8server
OR
atlassianjira_service_managementMatch5.15.2server
[
  {
    "vendor": "Atlassian",
    "product": "Confluence Data Center",
    "versions": [
      {
        "version": "8.9.0",
        "status": "affected"
      },
      {
        "version": "8.8.0 to 8.8.1",
        "status": "affected"
      },
      {
        "version": "8.7.1 to 8.7.2",
        "status": "affected"
      },
      {
        "version": "8.6.0 to 8.6.2",
        "status": "affected"
      },
      {
        "version": "8.5.0 to 8.5.8",
        "status": "affected"
      },
      {
        "version": "8.4.0 to 8.4.5",
        "status": "affected"
      },
      {
        "version": "8.3.0 to 8.3.4",
        "status": "affected"
      },
      {
        "version": "8.2.0 to 8.2.3",
        "status": "affected"
      },
      {
        "version": "8.1.0 to 8.1.4",
        "status": "affected"
      },
      {
        "version": "8.0.0 to 8.0.4",
        "status": "affected"
      },
      {
        "version": "7.20.0 to 7.20.3",
        "status": "affected"
      },
      {
        "version": "7.19.0 to 7.19.21",
        "status": "affected"
      },
      {
        "version": "8.9.1 to 8.9.2",
        "status": "unaffected"
      },
      {
        "version": "8.5.9 to 8.5.10",
        "status": "unaffected"
      },
      {
        "version": "7.19.22 to 7.19.23",
        "status": "unaffected"
      }
    ]
  }
]
ParameterPositionPathDescriptionCWE
atl_tokenrequest bodyadmin/plugins/newcode/addlanguage.actionAuthenticated Confluence RCE via code macro language upload (Add Language) using multipart form data to trigger Java ProcessBuilder executionCWE-94
languageFilerequest bodyadmin/plugins/newcode/addlanguage.actionAuthenticated Confluence RCE via code macro language upload (Add Language) using multipart form data to trigger Java ProcessBuilder executionCWE-94
newLanguageNamerequest bodyadmin/plugins/newcode/addlanguage.actionAuthenticated Confluence RCE via code macro language upload (Add Language) using multipart form data to trigger Java ProcessBuilder executionCWE-94

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
17 Jun 2026 07:09Current
8.8High risk
Vulners AI Score8.8
CVSS 3.18.8
EPSS0.88267
SSVC
CWE-94In Wild
rce vulnerabilityconfluence data centerconfluence servercvss score 8.3atlassianupgraderelease notesdownload centerconfidentiality impactintegrity impactavailability impactno user interactionpatching
477