High-risk Atlassian Confluence RCE fixed, PoC available (CVE-2024-21683)
If you're self-hosting an Atlassian Confluence Server or Data Center installation, you should upgrade to the latest available version to fix a high-severity RCE flaw for which a PoC and technical details are already public.
Confluence Server and Data Center are widely used in enterprise settings to manage knowledge bases and documentation and to standardize collaboration.
"This vulnerability arises due to a flaw in the input validation mechanism in the 'Add a new language' function of the 'Configure Code Macro' section," Sonicwall researchers explained.
"This function allows users to upload a new code block macro language definition to customize the formatting and syntax highlighting. It expects the Javascript file to be formatted according to the custom brush syntax. Insufficient validation allows the authenticated attacker to inject malicious Java code embedded in a file, which will be executed on the server."
Upgrade Confluence ASAP. "Considering Confluence Server's pivotal role in maintaining an organization's knowledge base, users are strongly encouraged to upgrade their instances to the latest versions, as mentioned in the vendor advisory," Sonicwall researchers advised.
Vulnerabilities in Confluence Server and Data Center are regularly leveraged by attackers.
News URL
https://www.helpnetsecurity.com/2024/06/03/cve-2024-21683-poc/
Related news
- Week in review: Atlassian Confluence RCE PoC, new Kali Linux, Patch Tuesday forecast
- PoC for Progress Telerik RCE chain released (CVE-2024-4358, CVE-2024-1800)
- Veeam fixes RCE flaw in backup management platform (CVE-2024-29212)
- F5 fixes BIG-IP Next Central Manager flaws with public PoCs (CVE-2024-21793, CVE-2024-26026)
- PoC exploit released for RCE zero-day in D-Link EXO AX4800 routers
- Critical Git vulnerability allows RCE when cloning repositories with submodules (CVE-2024-32002)
- PoC exploit for Ivanti EPMM privilege escalation flaw released (CVE-2024-22026)
- 15 QNAP NAS bugs and one PoC disclosed, update ASAP! (CVE-2024-27130)
- PoC exploits for critical FortiSIEM command execution flaws released (CVE-2024-23108, CVE-2023-34992)
- PoC exploit code published for 9.8-rated Apache HugeGraph RCE flaw