CVE-2021-26084

2021-08-1000:00:00

atlassian

www.cve.org

EPSS

0.974

Percentile

99.9%

JSON

In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are before version 6.13.23, from version 6.14.0 before 7.4.11, from version 7.5.0 before 7.11.6, and from version 7.12.0 before 7.12.5.

CNA Affected

[
  {
    "product": "Confluence Server",
    "vendor": "Atlassian",
    "versions": [
      {
        "lessThan": "6.13.23",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "unspecified",
        "status": "affected",
        "version": "6.14.0",
        "versionType": "custom"
      },
      {
        "lessThan": "7.4.11",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "unspecified",
        "status": "affected",
        "version": "7.5.0",
        "versionType": "custom"
      },
      {
        "lessThan": "7.11.6",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "unspecified",
        "status": "affected",
        "version": "7.12.0",
        "versionType": "custom"
      },
      {
        "lessThan": "7.12.5",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "Confluence Data Center",
    "vendor": "Atlassian",
    "versions": [
      {
        "lessThan": "6.13.23",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "unspecified",
        "status": "affected",
        "version": "6.14.0",
        "versionType": "custom"
      },
      {
        "lessThan": "7.4.11",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "unspecified",
        "status": "affected",
        "version": "7.5.0",
        "versionType": "custom"
      },
      {
        "lessThan": "7.11.6",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "unspecified",
        "status": "affected",
        "version": "7.12.0",
        "versionType": "custom"
      },
      {
        "lessThan": "7.12.5",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]