CVE-2021-26084

Description from NVD

In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are before version 6.13.23, from version 6.14.0 before 7.4.11, from version 7.5.0 before 7.11.6, and from version 7.12.0 before 7.12.5.

Information Acquisition Date: 2021-09-17T14:54Z
CVSS 2.0: 7.5 HIGH CVSS 3.x: 9.8 CRITICAL

CVSS3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

NVD References

 https://jira.atlassian.com/browse/CONFSERVER-67940
     source:MISC
     tags:Issue Tracking    Patch    Vendor Advisory    
 http://packetstormsecurity.com/files/164013/Confluence-Server-7.12.4-OGNL-Injection-Remote-Code-Execution.html
     source:MISC
     tags:Exploit    Third Party Advisory    VDB Entry    
 http://packetstormsecurity.com/files/164122/Atlassian-Confluence-WebWork-OGNL-Injection.html
     source:MISC
     tags:Exploit    Third Party Advisory    VDB Entry    

This vulnerability may involve a PoC.

Refer to Information on External Sites

CVE Information: mitre, NVD, vulmon.com, CVE Details, JVN (ENG, JPN)
Exploits or more Information: EXPLOIT DATABASE, 0day.today, github, Twitter, Reconshell

Software Tag: Apple(1 tweets) Java(8 tweets) Jenkins(8 tweets) Linux(10 tweets) PHP(1 tweets) Struts(2 tweets) VMware(3 tweets) Windows(1 tweets) iOS(2 tweets)



List of frequently cited URLs

URL    Num of Times Referred to
http://vulmon.com/vulnerabilitydetails?qid=CVE    3178
https://lists.astaro.com/ASGV9-IPS-rules.html    22
https://github.com/dinhbaouit/CVE-2021-26084    21
https://tradahacking.vn/atlassian-confluence-cve-2021-26084...    17
https://securityaffairs.co/wordpress/121760/hacking/conflue...    13
https://confluence.atlassian.com/doc/confluence-security-ad...    12
https://unit42.paloaltonetworks.com/cve-2021-26084/    9
https://www.jpcert.or.jp/at/2021/at210037.html    8
https://censys.io/blog/cve-2021-26084-confluenza/    7
https://thehackernews.com/2021/09/us-cyber-command-warns-of...    7
https://www.imperva.com/blog/attackers-exploit-cve-2021-260...    6
https://jira.atlassian.com/browse/CONFSERVER-67940    6
https://www.lacework.com/blog/muhstik-takes-aim-at-confluen...    4
https://blogs.juniper.net/en-us/threat-research/muhstik-bot...    4
https://blog.kaspersky.co.jp/confluence-server-cve-2021-260...    4
https://news.ycombinator.com/item?id=28405888    4
https://bit.ly/3EbIgtZ    3
https://ift.tt/3taXCK6    3
https://vfeed.io    3
https://opsmtrs.com/33G8R11    3
https://twitter.com/TheHackersNews/status/1430922366628950016    3
https://www.zdnet.com/article/us-cybercom-says-mass-exploit...    3
https://www.rapid7.com/blog/post/2021/09/02/active-exploita...    3
https://therecord.media/confluence-enterprise-servers-targe...    3
https://www.kaspersky.com/blog/confluence-server-cve-2021-2...    3
https://blogs.blackberry.com/en/2021/09/blue-team-a-defensi...    3
https://www.cert.ssi.gouv.fr/alerte/CERTFR-2021-ALE-018/    3
https://www.kaspersky.com.br/blog/confluence-server-cve-202...    3
https://www.securityweek.com/recently-patched-confluence-vu...    3
https://www.countercraftsec.com/blog/post/a-step-by-step-cv...    3
https://ipssignatures.appspot.com/?cve=CVE-2021-26084    3


GitHub Search Results: Up to 10
Name URL
h3v0x/CVE-2021-26084_Confluence https://github.com/h3v0x/CVE-2021-26084_Confluence
dinhbaouit/CVE-2021-26084 https://github.com/dinhbaouit/CVE-2021-26084
FanqXu/CVE-2021-26084 https://github.com/FanqXu/CVE-2021-26084
r0ckysec/CVE-2021-26084_Confluence https://github.com/r0ckysec/CVE-2021-26084_Confluence
alt3kx/CVE-2021-26084_PoC https://github.com/alt3kx/CVE-2021-26084_PoC
1ZRR4H/CVE-2021-26084 https://github.com/1ZRR4H/CVE-2021-26084
Udyz/CVE-2021-26084 https://github.com/Udyz/CVE-2021-26084
tangxiaofeng7/CVE-2021-26084 https://github.com/tangxiaofeng7/CVE-2021-26084
carlosevieira/CVE-2021-26084 https://github.com/carlosevieira/CVE-2021-26084
dorkerdevil/CVE-2021-26084 https://github.com/dorkerdevil/CVE-2021-26084

2021/09/17 Score : 10
Added Har-sia Database : 2021/08/26
Last Modified : 2021/09/17
Highest Scored Date : 2021/09/04
Highest Score : 114