Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
githubexploit927EFD57-AC02-5976-A61A-49DBF7BCFC30
HistoryMay 29, 2024 - 3:20 a.m.

Exploit for Expression Language Injection in Atlassian Confluence Data Center

2024-05-2903:20:22
114
confluence
rce
exploit
cve
command execution
shell
proxy
security

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

10

Confidence

High

EPSS

0.974

Percentile

99.9%

JSON

![Confluence-RCE](https://socialify.git.ci/BBD-YZZ/Confluence-RC

This is an article that belongs to githubexploit private collection.
Please sign in to get more Information.

Related

impervablog 3
thn 9
zdt 7
packetstorm 6
rapid7blog 4
attackerkb 3
nessus 6
cisa_kev 3
githubexploit 107
prion 3
metasploit 3
vulnrichment 1
hivepro 3
trendmicroblog 5
cvelist 2
exploitdb 3
cisa 4
checkpoint_advisories 2
atlassian 3
threatpost 2
nuclei 3
hackerone 2
akamaiblog 5
nvd 3
cve 2
wallarmlab 1
malwarebytes 2
ubuntucve 1
qualysblog 1
impervablog
impervablog
Attackers Quick to Weaponize CVE-2023-22527 for Malware Delivery
2024-02-21 09:28:01
New Sysrv Botnet Variant Makes Use of Google Subdomain to Spread XMRig Miner
2024-03-20 16:56:29
Imperva Earns Three Cyber Defense Global InfoSec Awards for 2022
2022-07-26 13:16:19
thn
thn
Hackers Exploiting Unpatched Critical Atlassian Confluence Zero-Day Vulnerability
2022-06-03 03:43:00
Atlassian Releases Patch for Confluence Zero-Day Flaw Exploited in the Wild
2022-06-04 08:57:00
Atlassian Confluence Flaw Being Used to Deploy Ransomware and Crypto Miners
2022-06-18 04:11:00
zdt
zdt
Atlassian Confluence Namespace OGNL Injection Exploit
2022-06-09 00:00:00
Atlassian Confluence < 8.5.3 - Remote Code Execution Exploit
2024-03-18 00:00:00
Confluence Server 7.12.4 - (OGNL injection) Remote Code Execution Exploit
2021-09-01 00:00:00
packetstorm
packetstorm
Atlassian Confluence Namespace OGNL Injection
2022-06-08 00:00:00
Atlassian Confluence 8.5.3 Remote Code Execution
2024-03-19 00:00:00
Atlassian Confluence SSTI Injection
2024-01-26 00:00:00
rapid7blog
rapid7blog
Active Exploitation of Confluence CVE-2022-26134
2022-06-02 23:27:15
Metasploit Wrap-Up
2021-10-22 14:25:55
Active Exploitation of Confluence Server & Confluence Data Center: CVE-2021-26084
2021-09-02 15:44:36
attackerkb
attackerkb
CVE-2022-26134
2022-06-03 00:00:00
CVE-2021-26084 Confluence Server OGNL injection
2021-08-10 00:00:00
CVE-2023-22527
2024-01-16 00:00:00
nessus
nessus
Atlassian Confluence < 8.5.4 RCE (CONFSERVER-93833)
2024-01-16 00:00:00
Atlassian Confluence Server Webwork OGNL Injection (CVE-2021-26084)
2021-09-07 00:00:00
Atlassian Confluence < 6.13.23 / 6.14 < 7.4.11 / 7.5 < 7.11.6 / 7.12 < 7.12.5 Webwork OGNL Injection (CONFSERVER-67940)
2021-08-26 00:00:00
cisa_kev
cisa_kev
Atlassian Confluence Data Center and Server Template Injection Vulnerability
2024-01-24 00:00:00
Atlassian Confluence Server and Data Center Object-Graph Navigation Language (OGNL) Injection Vulnerability
2021-11-03 00:00:00
Atlassian Confluence Server and Data Center Remote Code Execution Vulnerability
2022-06-02 00:00:00
githubexploit
githubexploit
Exploit for Injection in Atlassian Confluence Data Center
2024-02-11 16:46:55
Exploit for Injection in Atlassian Confluence Data Center
2024-01-24 21:29:59
Exploit for Injection in Atlassian Confluence Data Center
2024-01-25 10:52:39
prion
prion
Template injection
2024-01-16 05:15:00
Code injection
2021-08-30 07:15:00
Code injection
2022-06-03 22:15:00
metasploit
metasploit
Atlassian Confluence SSTI Injection
2024-01-22 22:06:29
Atlassian Confluence WebWork OGNL Injection
2021-10-14 21:58:04
Atlassian Confluence Namespace OGNL Injection
2022-06-03 19:27:13
vulnrichment
vulnrichment
CVE-2023-22527
2024-01-16 05:00:00
hivepro
hivepro
Critical RCE Flaw in Atlassian Confluence Sparks Active Exploitation
2024-01-24 13:24:06
Attacks, Vulnerabilities and Actors 22 January to 28 January 2024
2024-01-29 14:47:47
Vulnerable Atlassian Confluence Servers utilized to drop Crypto Miners
2022-09-29 06:56:17
trendmicroblog
trendmicroblog
Unveiling Atlassian Confluence Vulnerability CVE-2023-22527: Understanding and Mitigating Remote Code Execution Risks
2024-02-07 00:00:00
Silent Intrusions: Godzilla Fileless Backdoors Targeting Atlassian Confluence
2024-08-30 00:00:00
Cryptominer z0Miner Uses Newly Discovered Vulnerability CVE-2021-26084 to Its Advantage
2021-09-21 00:00:00
cvelist
cvelist
CVE-2023-22527
2024-01-16 05:00:00
CVE-2021-26084
2021-08-30 06:30:14
exploitdb
exploitdb
Atlassian Confluence &lt; 8.5.3 - Remote Code Execution
2024-03-18 00:00:00
Confluence Server 7.12.4 - &#039;OGNL injection&#039; Remote Code Execution (RCE) (Unauthenticated)
2021-09-01 00:00:00
Confluence Data Center 7.18.0 - Remote Code Execution (RCE)
2022-06-10 00:00:00
cisa
cisa
Atlassian Releases Security Updates for Confluence Server and Data Center
2021-09-03 00:00:00
Atlassian Releases Security Advisory for Confluence Server and Data Center, CVE-2022-26134
2022-06-02 00:00:00
Atlassian Releases New Versions of Confluence Server and Data Center to Address CVE-2022-26134
2022-06-03 00:00:00
checkpoint_advisories
checkpoint_advisories
Atlassian Confluence Remote Code Execution (CVE-2021-26084)
2021-09-05 00:00:00
Atlassian Confluence Remote Code Execution (CVE-2022-26134)
2022-06-06 00:00:00
atlassian
atlassian
Confluence Server Webwork OGNL injection - CVE-2021-26084
2021-07-27 05:13:48
Unauthenticated remote code execution vulnerability via OGNL template injection - Duplicate
2022-06-02 03:36:35
Remote code execution via OGNL injection in Confluence Server & Data Center - CVE-2022-26134
2022-06-03 20:08:07
threatpost
threatpost
Log4JShell Used to Swarm VMware Servers with Miners, Backdoors
2022-03-29 20:33:08
DragonForce Gang Unleash Hacks Against Govt. of India
2022-06-15 13:59:37
nuclei
nuclei
Confluence Server - Remote Code Execution
2021-08-31 20:40:27
Atlassian Confluence - Remote Code Execution
2024-01-22 08:43:25
Confluence - Remote Code Execution
2022-06-03 20:11:56
hackerone
hackerone
U.S. Dept Of Defense: RCE on ███████ [CVE-2021-26084]
2021-09-02 02:58:10
U.S. Dept Of Defense: RCE in ███ [CVE-2021-26084]
2021-09-02 05:49:27
akamaiblog
akamaiblog
Confluence Server Webwork OGNL Injection (CVE-2021-26084): How Akamai Helps You Protect Against Zero-Day Attacks
2021-09-15 07:00:00
Confluence Server Webwork OGNL Injection (CVE-2021-26084): How Akamai Helps You Protect Against Zero-Day Attacks
2021-09-15 07:00:00
Akamai?s Observations of Confluence Zero Day (CVE-2022-26134)
2022-06-28 13:00:00
nvd
nvd
CVE-2021-26084
2021-08-30 07:15:06
CVE-2023-22527
2024-01-16 05:15:08
CVE-2022-26134
2022-06-03 22:15:07
cve
cve
CVE-2021-26084
2021-08-30 07:15:06
CVE-2023-22527
2024-01-16 05:15:08
wallarmlab
wallarmlab
Update on the Confluence 0-day vulnerability (CVE-2022-26134)
2022-06-03 20:50:59
malwarebytes
malwarebytes
“Multiple adversaries” exploiting Confluence vulnerability, warns Microsoft
2022-06-14 12:43:08
[updated]Unpatched Atlassian Confluence vulnerability is actively exploited
2022-06-03 14:41:58
ubuntucve
ubuntucve
CVE-2022-26134
2022-06-03 00:00:00
qualysblog
qualysblog
Atlassian Confluence OGNL Injection Remote Code Execution (RCE) Vulnerability (CVE-2022-26134)
2022-06-29 20:23:28

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

10

Confidence

High

EPSS

0.974

Percentile

99.9%

JSON
Related for 927EFD57-AC02-5976-A61A-49DBF7BCFC30
impervablog3thn9zdt7packetstorm6rapid7blog4attackerkb3nessus6cisa_kev3githubexploit107prion3metasploit3vulnrichment1hivepro3trendmicroblog5cvelist2exploitdb3cisa4checkpoint_advisories2atlassian3threatpost2nuclei3hackerone2akamaiblog5nvd3cve2wallarmlab1malwarebytes2ubuntucve1qualysblog1