Security News > 2024 > June > High-risk Atlassian Confluence RCE fixed, PoC available (CVE-2024-21683)

If you're self-hosting an Atlassian Confluence Server or Data Center installation, you should upgrade to the latest available version to fix a high-severity RCE flaw for which a PoC and technical details are already public.

Confluence Server and Data Center are software solutions that are widely used in enterprise settings to manage knowledge bases, documentation, and standardize collaboration.

"This vulnerability arises due to a flaw in the input validation mechanism in the 'Add a new language' function of the 'Configure Code Macro' section," Sonicwall researchers explained.

"This function allows users to upload a new code block macro language definition to customize the formatting and syntax highlighting. It expects the Javascript file to be formatted according to the custom brush syntax. Insufficient validation allows the authenticated attacker to inject malicious Java code embedded in a file, which will be executed on the server."

Upgrade Confluence ASAP. "Considering Confluence Server's pivotal role in maintaining an organization's knowledge base, users are strongly encouraged to upgrade their instances to the latest versions, as mentioned in the vendor advisory," Sonicwall researchers advised.

Vulnerabilities in Data Center and Confluence Server are regularly leveraged by attackers.

News URL

https://www.helpnetsecurity.com/2024/06/03/cve-2024-21683-poc/