CVE-2021-26084

Description from NVD

In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are before version 6.13.23, from version 6.14.0 before 7.4.11, from version 7.5.0 before 7.11.6, and from version 7.12.0 before 7.12.5.

Information Acquisition Date: 2022-03-26T14:18Z
CVSS 2.0: 7.5 HIGH
CVSS 3.x: 9.8 CRITICAL

CVSS3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

NVD References

https://jira.atlassian.com/browse/CONFSERVER-67940
    source: MISC
    tags: Issue Tracking, Patch, Vendor Advisory

This vulnerability may involve a PoC.

Refer to Information on External Sites

CVE Information | Exploits or more Information
mitre | EXPLOIT DATABASE
NVD | 0day.today
vulmon.com | github
CVE Details | Twitter
JVN ENG JPN
Reconshell


List of frequently cited URLs

URL Num of Times Referred to
http://vulmon.com/vulnerabilitydetails?qid=CVE 2894
http://twinybots.ch 33
https://lists.astaro.com/ASGV9-IPS-rules.html 24
https://confluence.atlassian.com/doc/confluence-security-ad... 8
https://www.imperva.com/blog/attackers-exploit-cve-2021-260... 7
https://securityaffairs.co/wordpress/121760/hacking/conflue... 7
https://www.vulnmachines.com 7
https://jira.atlassian.com/browse/CONFSERVER-67940 6
https://www.trendmicro.com/en_us/research/21/i/cryptominer-... 6
https://www.jpcert.or.jp/at/2021/at210037.html 5
https://unit42.paloaltonetworks.com/cve-2021-26084/ 5
https://buff.ly/3vJVCtK 4
https://youtu.be/yMLoIJVz0YI 4
https://github.com/dinhbaouit/CVE-2021-26084 4
https://twitter.com/TheHackersNews/status/1430922366628950016 4
https://www.ironnet.com/blog/continued-exploitation-of-cve-... 4
https://blogs.juniper.net/en-us/threat-research/muhstik-bot... 4
https://blog.kaspersky.co.jp/confluence-server-cve-2021-260... 4
https://news.ycombinator.com/item?id=28405888 4
https://blog.trendmicro.co.jp/archives/29960 4
https://bit.ly/3EbIgtZ 3
https://ift.tt/3taXCK6 3
https://vfeed.io 3
https://censys.io/blog/cve-2021-26084-confluenza/ 3
https://opsmtrs.com/33G8R11 3
https://www.scutum.jp/information/technical_articles/index.... 3
https://www.zdnet.com/article/us-cybercom-says-mass-exploit... 3
https://attackerkb.com/topics/Eu74wdMbEL/cve-2021-26084-con... 3
https://www.rapid7.com/blog/post/2021/09/02/active-exploita... 3
https://www.thezdi.com/blog/2021/9/21/cve-2021-26084-detail... 3
https://therecord.media/confluence-enterprise-servers-targe... 3
https://tradahacking.vn/atlassian-confluence-cve-2021-26084... 3
https://www.lacework.com/blog/muhstik-takes-aim-at-confluen... 3
https://thehackernews.com/2021/09/us-cyber-command-warns-of... 3
https://www.kaspersky.com/blog/confluence-server-cve-2021-2... 3
https://blogs.blackberry.com/en/2021/09/blue-team-a-defensi... 3
https://www.cert.ssi.gouv.fr/alerte/CERTFR-2021-ALE-018/ 3
https://www.kaspersky.com.br/blog/confluence-server-cve-202... 3
https://www.securityweek.com/recently-patched-confluence-vu... 3
https://www.kennasecurity.com/blog/january-vuln-of-the-mont... 3
https://research.trendmicro.com/3nZvtFn 3
https://www.countercraftsec.com/blog/post/a-step-by-step-cv... 3
https://ipssignatures.appspot.com/?cve=CVE-2021-26084 3
https://www.zerodayinitiative.com/blog/2021/9/21/cve-2021-2... 3

Information from Twitter

User URL Info Source Date
ipssignatures https://twitter.com/ptracesecurity/status/1441546054164369409 Source ipssignatures    1639448519324078080 2023/03/25
ipssignatures https://twitter.com/Vulnmachines/status/1553019717798936576 Source ipssignatures    1640565879996837895 2023/03/28

GitHub Search Results: Up to 10
Name URL
h3v0x/CVE-2021-26084_Confluence https://github.com/h3v0x/CVE-2021-26084_Confluence
dinhbaouit/CVE-2021-26084 https://github.com/dinhbaouit/CVE-2021-26084
r0ckysec/CVE-2021-26084_Confluence https://github.com/r0ckysec/CVE-2021-26084_Confluence
FanqXu/CVE-2021-26084 https://github.com/FanqXu/CVE-2021-26084
alt3kx/CVE-2021-26084_PoC https://github.com/alt3kx/CVE-2021-26084_PoC
1ZRR4H/CVE-2021-26084 https://github.com/1ZRR4H/CVE-2021-26084
tangxiaofeng7/CVE-2021-26084 https://github.com/tangxiaofeng7/CVE-2021-26084
Udyz/CVE-2021-26084 https://github.com/Udyz/CVE-2021-26084
carlosevieira/CVE-2021-26084 https://github.com/carlosevieira/CVE-2021-26084
dorkerdevil/CVE-2021-26084 https://github.com/dorkerdevil/CVE-2021-26084

2023/03/28 Score : 0
Added Har-sia Database : 2021/08/26
Last Modified : 2023/03/28
Highest Scored Date : 2021/09/04
Highest Score : 114