Atlassian disclosed a high-severity vulnerability that exists in multiple versions of their Confluence Data Center and Server.
The CVE for this vulnerability was assigned with CVE-2024-21683 and the severity was given as 8.3 (High).
Confluence has addressed this vulnerability in the latest versions of Confluence Data Center and Server and released necessary patches. However, researchers have discovered a method to exploit this vulnerability.
According to the advisory, this vulnerability was associated with Remote code execution on Confluence Data Center, which allows an authenticated threat actor with a certain level of privileges to execute arbitrary commands on the affected devices.
To successfully exploit this vulnerability, a threat actor requires network access to the vulnerable system and the privilege to add new macro language as a prerequisite.
With ANYRUN You can Analyze any URL, Files & Email for Malicious Activity : Start...