HTTP: Confluence Data Center and Server RCE

This signature detects attempts to exploit a known vulnerability against Confluence Data Center and Server. A successful attack can lead to arbitrary code execution.

Extended Description

This High severity RCE (Remote Code Execution) vulnerability was introduced in version 5.2 of Confluence Data Center and Server. This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 7.2, allows an authenticated attacker to execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires no user interaction. Atlassian recommends that Confluence Data Center and Server customers upgrade to latest version. If you are unable to do so, upgrade your instance to one of the specified supported fixed versions. See the release notes https://confluence.atlassian.com/doc/confluence-release-notes-327.html You can download the latest version of Confluence Data Center and Server from the download center https://www.atlassian.com/software/confluence/download-archives. This vulnerability was found internally.

Affected Products

Atlassian confluence_data_center

References

CVE: CVE-2024-21683

URL: https://jira.atlassian.com/browse/CONFSERVER-95832

Short Name

HTTP:CTS:CONFLUENCE-DC-RCE

Severity

Major

Recommended

True

Recommended Action

Drop

HTTP: Confluence Data Center and Server RCE

Extended Description

Affected Products

References

Found a potential security threat?