Refine your search
16 vulnerabilities found for confluence_server by atlassian
CVE-2023-22527 (GCVE-0-2023-22527)
Vulnerability from nvd
Published
2024-01-16 05:00
Modified
2025-10-21 23:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- RCE (Remote Code Execution)
Summary
A template injection vulnerability on older versions of Confluence Data Center and Server allows an unauthenticated attacker to achieve RCE on an affected instance. Customers using an affected version must take immediate action.
Most recent supported versions of Confluence Data Center and Server are not affected by this vulnerability as it was ultimately mitigated during regular version updates. However, Atlassian recommends that customers take care to install the latest version to protect their instances from non-critical vulnerabilities outlined in Atlassian’s January Security Bulletin.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Atlassian | Confluence Data Center |
Version: >= 8.0.0 Version: >= 8.1.0 Version: >= 8.2.0 Version: >= 8.3.0 Version: >= 8.4.0 Version: >= 8.5.0 Version: >= 8.5.1 Version: >= 8.5.2 Version: >= 8.5.3 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:atlassian:confluence_data_center:8.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "confluence_data_center",
"vendor": "atlassian",
"versions": [
{
"lessThan": "8.5.4",
"status": "affected",
"version": "8.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:atlassian:confluence_server:8.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "confluence_server",
"vendor": "atlassian",
"versions": [
{
"lessThan": "8.5.4",
"status": "affected",
"version": "8.0.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22527",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-14T05:00:58.661097Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-01-24",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-22527"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:05:28.527Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-22527"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-01-24T00:00:00+00:00",
"value": "CVE-2023-22527 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-19T07:47:54.708Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1333335615"
},
{
"tags": [
"x_transferred"
],
"url": "https://jira.atlassian.com/browse/CONFSERVER-93833"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/176789/Atlassian-Confluence-SSTI-Injection.html"
},
{
"url": "https://www.vicarius.io/vsociety/posts/pwning-confluence-via-ognl-injection-for-fun-and-learning-cve-2023-22527"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Confluence Data Center",
"vendor": "Atlassian",
"versions": [
{
"status": "unaffected",
"version": "\u003c 8.0.0"
},
{
"status": "affected",
"version": "\u003e= 8.0.0"
},
{
"status": "affected",
"version": "\u003e= 8.1.0"
},
{
"status": "affected",
"version": "\u003e= 8.2.0"
},
{
"status": "affected",
"version": "\u003e= 8.3.0"
},
{
"status": "affected",
"version": "\u003e= 8.4.0"
},
{
"status": "affected",
"version": "\u003e= 8.5.0"
},
{
"status": "affected",
"version": "\u003e= 8.5.1"
},
{
"status": "affected",
"version": "\u003e= 8.5.2"
},
{
"status": "affected",
"version": "\u003e= 8.5.3"
},
{
"status": "unaffected",
"version": "\u003e= 8.5.4"
},
{
"status": "unaffected",
"version": "\u003e= 8.6.0"
},
{
"status": "unaffected",
"version": "\u003e= 8.7.1"
}
]
},
{
"product": "Confluence Server",
"vendor": "Atlassian",
"versions": [
{
"status": "unaffected",
"version": "\u003c 8.0.0"
},
{
"status": "affected",
"version": "\u003e= 8.0.0"
},
{
"status": "affected",
"version": "\u003e= 8.1.0"
},
{
"status": "affected",
"version": "\u003e= 8.2.0"
},
{
"status": "affected",
"version": "\u003e= 8.3.0"
},
{
"status": "affected",
"version": "\u003e= 8.4.0"
},
{
"status": "affected",
"version": "\u003e= 8.5.0"
},
{
"status": "affected",
"version": "\u003e= 8.5.1"
},
{
"status": "affected",
"version": "\u003e= 8.5.2"
},
{
"status": "affected",
"version": "\u003e= 8.5.3"
},
{
"status": "unaffected",
"version": "\u003e= 8.5.4"
},
{
"status": "unaffected",
"version": "\u003e= 8.6.0"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Petrus Viet"
}
],
"descriptions": [
{
"lang": "en",
"value": "A template injection vulnerability on older versions of Confluence Data Center and Server allows an unauthenticated attacker to achieve RCE on an affected instance. Customers using an affected version must take immediate action.\n\nMost recent supported versions of Confluence Data Center and Server are not affected by this vulnerability as it was ultimately mitigated during regular version updates. However, Atlassian recommends that customers take care to install the latest version to protect their instances from non-critical vulnerabilities outlined in Atlassian\u2019s January Security Bulletin."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 10,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "RCE (Remote Code Execution)",
"lang": "en",
"type": "RCE (Remote Code Execution)"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-26T17:06:21.681Z",
"orgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
"shortName": "atlassian"
},
"references": [
{
"url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1333335615"
},
{
"url": "https://jira.atlassian.com/browse/CONFSERVER-93833"
},
{
"url": "http://packetstormsecurity.com/files/176789/Atlassian-Confluence-SSTI-Injection.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
"assignerShortName": "atlassian",
"cveId": "CVE-2023-22527",
"datePublished": "2024-01-16T05:00:00.692Z",
"dateReserved": "2023-01-01T00:01:22.333Z",
"dateUpdated": "2025-10-21T23:05:28.527Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22518 (GCVE-0-2023-22518)
Vulnerability from nvd
Published
2023-10-31 14:30
Modified
2025-10-21 23:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Improper Authorization
Summary
All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. This Improper Authorization vulnerability allows an unauthenticated attacker to reset Confluence and create a Confluence instance administrator account. Using this account, an attacker can then perform all administrative actions that are available to Confluence instance administrator leading to - but not limited to - full loss of confidentiality, integrity and availability.
Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Atlassian | Confluence Data Center |
Version: >= 1.0.0 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:13:48.670Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1311473907"
},
{
"tags": [
"x_transferred"
],
"url": "https://jira.atlassian.com/browse/CONFSERVER-93142"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/176264/Atlassian-Confluence-Improper-Authorization-Code-Execution.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22518",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-03T16:33:26.216427Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2023-11-07",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-22518"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:05:32.975Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-22518"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-11-07T00:00:00+00:00",
"value": "CVE-2023-22518 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Confluence Data Center",
"vendor": "Atlassian",
"versions": [
{
"status": "unaffected",
"version": "\u003c 1.0.0"
},
{
"status": "affected",
"version": "\u003e= 1.0.0"
},
{
"status": "unaffected",
"version": "\u003e= 7.19.16"
},
{
"status": "unaffected",
"version": "\u003e= 8.3.4"
},
{
"status": "unaffected",
"version": "\u003e= 8.4.4"
},
{
"status": "unaffected",
"version": "\u003e= 8.5.3"
},
{
"status": "unaffected",
"version": "\u003e= 8.6.1"
}
]
},
{
"product": "Confluence Server",
"vendor": "Atlassian",
"versions": [
{
"status": "unaffected",
"version": "\u003c 1.0.0"
},
{
"status": "affected",
"version": "\u003e= 1.0.0"
},
{
"status": "unaffected",
"version": "\u003e= 7.19.16"
},
{
"status": "unaffected",
"version": "\u003e= 8.3.4"
},
{
"status": "unaffected",
"version": "\u003e= 8.4.4"
},
{
"status": "unaffected",
"version": "\u003e= 8.5.3"
},
{
"status": "unaffected",
"version": "\u003e= 8.6.1"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "-"
}
],
"descriptions": [
{
"lang": "en",
"value": "All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. This Improper Authorization vulnerability allows an unauthenticated attacker to reset Confluence and create a Confluence instance administrator account. Using this account, an attacker can then perform all administrative actions that are available to\u00a0Confluence instance administrator leading to - but not limited to - full loss of confidentiality, integrity and availability.\u00a0\n\nAtlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 10,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Authorization",
"lang": "en",
"type": "Improper Authorization"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-19T16:06:15.741Z",
"orgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
"shortName": "atlassian"
},
"references": [
{
"url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1311473907"
},
{
"url": "https://jira.atlassian.com/browse/CONFSERVER-93142"
},
{
"url": "http://packetstormsecurity.com/files/176264/Atlassian-Confluence-Improper-Authorization-Code-Execution.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
"assignerShortName": "atlassian",
"cveId": "CVE-2023-22518",
"datePublished": "2023-10-31T14:30:00.418Z",
"dateReserved": "2023-01-01T00:01:22.332Z",
"dateUpdated": "2025-10-21T23:05:32.975Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22515 (GCVE-0-2023-22515)
Vulnerability from nvd
Published
2023-10-04 14:00
Modified
2025-10-21 23:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- BASM (Broken Authentication & Session Management)
Summary
Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances.
Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Atlassian | Confluence Data Center |
Version: >= 8.0.0 Version: >= 8.0.1 Version: >= 8.0.2 Version: >= 8.0.3 Version: >= 8.1.3 Version: >= 8.1.4 Version: >= 8.2.0 Version: >= 8.2.1 Version: >= 8.2.2 Version: >= 8.2.3 Version: >= 8.3.0 Version: >= 8.3.1 Version: >= 8.3.2 Version: >= 8.4.0 Version: >= 8.4.1 Version: >= 8.4.2 Version: >= 8.5.0 Version: >= 8.5.1 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:13:48.693Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/175225/Atlassian-Confluence-Unauthenticated-Remote-Code-Execution.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://confluence.atlassian.com/display/KB/FAQ+for+CVE-2023-22515"
},
{
"tags": [
"x_transferred"
],
"url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1295682276"
},
{
"tags": [
"x_transferred"
],
"url": "https://jira.atlassian.com/browse/CONFSERVER-92475"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "confluence_data_center",
"vendor": "atlassian",
"versions": [
{
"lessThan": "8.3.3",
"status": "affected",
"version": "8.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "confluence_data_center",
"vendor": "atlassian",
"versions": [
{
"lessThan": "8.4.3",
"status": "affected",
"version": "8.4.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "confluence_data_center",
"vendor": "atlassian",
"versions": [
{
"lessThan": "8.5.2",
"status": "affected",
"version": "8.5.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "confluence_server",
"vendor": "atlassian",
"versions": [
{
"lessThan": "8.3.3",
"status": "affected",
"version": "8.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "confluence_server",
"vendor": "atlassian",
"versions": [
{
"lessThan": "8.4.3",
"status": "affected",
"version": "8.4.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "confluence_server",
"vendor": "atlassian",
"versions": [
{
"lessThan": "8.5.2",
"status": "affected",
"version": "8.5.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-22515",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2023-12-09T05:05:17.297744Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2023-10-05",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-22515"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:05:35.521Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-22515"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-10-05T00:00:00+00:00",
"value": "CVE-2023-22515 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Confluence Data Center",
"vendor": "Atlassian",
"versions": [
{
"status": "unaffected",
"version": "\u003c 8.0.0"
},
{
"status": "affected",
"version": "\u003e= 8.0.0"
},
{
"status": "affected",
"version": "\u003e= 8.0.1"
},
{
"status": "affected",
"version": "\u003e= 8.0.2"
},
{
"status": "affected",
"version": "\u003e= 8.0.3"
},
{
"status": "affected",
"version": "\u003e= 8.1.3"
},
{
"status": "affected",
"version": "\u003e= 8.1.4"
},
{
"status": "affected",
"version": "\u003e= 8.2.0"
},
{
"status": "affected",
"version": "\u003e= 8.2.1"
},
{
"status": "affected",
"version": "\u003e= 8.2.2"
},
{
"status": "affected",
"version": "\u003e= 8.2.3"
},
{
"status": "affected",
"version": "\u003e= 8.3.0"
},
{
"status": "affected",
"version": "\u003e= 8.3.1"
},
{
"status": "affected",
"version": "\u003e= 8.3.2"
},
{
"status": "affected",
"version": "\u003e= 8.4.0"
},
{
"status": "affected",
"version": "\u003e= 8.4.1"
},
{
"status": "affected",
"version": "\u003e= 8.4.2"
},
{
"status": "affected",
"version": "\u003e= 8.5.0"
},
{
"status": "affected",
"version": "\u003e= 8.5.1"
},
{
"status": "unaffected",
"version": "\u003e= 8.3.3"
},
{
"status": "unaffected",
"version": "\u003e= 8.4.3"
},
{
"status": "unaffected",
"version": "\u003e= 8.5.2"
}
]
},
{
"product": "Confluence Server",
"vendor": "Atlassian",
"versions": [
{
"status": "unaffected",
"version": "\u003c 8.0.0"
},
{
"status": "affected",
"version": "\u003e= 8.0.0"
},
{
"status": "affected",
"version": "\u003e= 8.0.1"
},
{
"status": "affected",
"version": "\u003e= 8.0.2"
},
{
"status": "affected",
"version": "\u003e= 8.0.3"
},
{
"status": "affected",
"version": "\u003e= 8.1.3"
},
{
"status": "affected",
"version": "\u003e= 8.1.4"
},
{
"status": "affected",
"version": "\u003e= 8.2.0"
},
{
"status": "affected",
"version": "\u003e= 8.2.1"
},
{
"status": "affected",
"version": "\u003e= 8.2.2"
},
{
"status": "affected",
"version": "\u003e= 8.2.3"
},
{
"status": "affected",
"version": "\u003e= 8.3.0"
},
{
"status": "affected",
"version": "\u003e= 8.3.1"
},
{
"status": "affected",
"version": "\u003e= 8.3.2"
},
{
"status": "affected",
"version": "\u003e= 8.4.0"
},
{
"status": "affected",
"version": "\u003e= 8.4.1"
},
{
"status": "affected",
"version": "\u003e= 8.4.2"
},
{
"status": "affected",
"version": "\u003e= 8.5.0"
},
{
"status": "affected",
"version": "\u003e= 8.5.1"
},
{
"status": "unaffected",
"version": "\u003e= 8.3.3"
},
{
"status": "unaffected",
"version": "\u003e= 8.4.3"
},
{
"status": "unaffected",
"version": "\u003e= 8.5.2"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "an Atlassian customer"
}
],
"descriptions": [
{
"lang": "en",
"value": "Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances. \r\n\r\nAtlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue. "
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 10,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "BASM (Broken Authentication \u0026 Session Management)",
"lang": "en",
"type": "BASM (Broken Authentication \u0026 Session Management)"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-20T16:00:01.026Z",
"orgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
"shortName": "atlassian"
},
"references": [
{
"url": "http://packetstormsecurity.com/files/175225/Atlassian-Confluence-Unauthenticated-Remote-Code-Execution.html"
},
{
"url": "https://confluence.atlassian.com/display/KB/FAQ+for+CVE-2023-22515"
},
{
"url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1295682276"
},
{
"url": "https://jira.atlassian.com/browse/CONFSERVER-92475"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
"assignerShortName": "atlassian",
"cveId": "CVE-2023-22515",
"datePublished": "2023-10-04T14:00:00.820Z",
"dateReserved": "2023-01-01T00:01:22.331Z",
"dateUpdated": "2025-10-21T23:05:35.521Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-26134 (GCVE-0-2022-26134)
Vulnerability from nvd
Published
2022-06-03 21:51
Modified
2025-10-21 23:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Atlassian | Confluence Data Center |
Version: next of 1.3.0 < unspecified Version: unspecified < 7.4.17 Version: 7.13.0 < unspecified Version: unspecified < 7.13.7 Version: 7.14.0 < unspecified Version: unspecified < 7.14.3 Version: 7.15.0 < unspecified Version: unspecified < 7.15.2 Version: 7.16.0 < unspecified Version: unspecified < 7.16.4 Version: 7.17.0 < unspecified Version: unspecified < 7.17.4 Version: 7.18.0 < unspecified Version: unspecified < 7.18.1 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:56:37.787Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jira.atlassian.com/browse/CONFSERVER-79016"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-26134",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-04T14:18:48.606174Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-06-02",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-26134"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-917",
"description": "CWE-917 Improper Neutralization of Special Elements used in an Expression Language Statement (\u0027Expression Language Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:15:38.769Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-26134"
}
],
"timeline": [
{
"lang": "en",
"time": "2022-06-02T00:00:00+00:00",
"value": "CVE-2022-26134 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Confluence Data Center",
"vendor": "Atlassian",
"versions": [
{
"lessThan": "unspecified",
"status": "affected",
"version": "next of 1.3.0",
"versionType": "custom"
},
{
"lessThan": "7.4.17",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.13.0",
"versionType": "custom"
},
{
"lessThan": "7.13.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.14.0",
"versionType": "custom"
},
{
"lessThan": "7.14.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.15.0",
"versionType": "custom"
},
{
"lessThan": "7.15.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.16.0",
"versionType": "custom"
},
{
"lessThan": "7.16.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.17.0",
"versionType": "custom"
},
{
"lessThan": "7.17.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.18.0",
"versionType": "custom"
},
{
"lessThan": "7.18.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Confluence Server",
"vendor": "Atlassian",
"versions": [
{
"lessThan": "unspecified",
"status": "affected",
"version": "next of 1.3.0",
"versionType": "custom"
},
{
"lessThan": "7.4.17",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.13.0",
"versionType": "custom"
},
{
"lessThan": "7.13.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.14.0",
"versionType": "custom"
},
{
"lessThan": "7.14.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.15.0",
"versionType": "custom"
},
{
"lessThan": "7.15.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.16.0",
"versionType": "custom"
},
{
"lessThan": "7.16.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.17.0",
"versionType": "custom"
},
{
"lessThan": "7.17.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.18.0",
"versionType": "custom"
},
{
"lessThan": "7.18.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-05-31T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-30T05:20:13.000Z",
"orgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
"shortName": "atlassian"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jira.atlassian.com/browse/CONFSERVER-79016"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@atlassian.com",
"DATE_PUBLIC": "2022-05-31T20:00:00",
"ID": "CVE-2022-26134",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Confluence Data Center",
"version": {
"version_data": [
{
"version_affected": "\u003e",
"version_value": "1.3.0"
},
{
"version_affected": "\u003c",
"version_value": "7.4.17"
},
{
"version_affected": "\u003e=",
"version_value": "7.13.0"
},
{
"version_affected": "\u003c",
"version_value": "7.13.7"
},
{
"version_affected": "\u003e=",
"version_value": "7.14.0"
},
{
"version_affected": "\u003c",
"version_value": "7.14.3"
},
{
"version_affected": "\u003e=",
"version_value": "7.15.0"
},
{
"version_affected": "\u003c",
"version_value": "7.15.2"
},
{
"version_affected": "\u003e=",
"version_value": "7.16.0"
},
{
"version_affected": "\u003c",
"version_value": "7.16.4"
},
{
"version_affected": "\u003e=",
"version_value": "7.17.0"
},
{
"version_affected": "\u003c",
"version_value": "7.17.4"
},
{
"version_affected": "\u003e=",
"version_value": "7.18.0"
},
{
"version_affected": "\u003c",
"version_value": "7.18.1"
}
]
}
},
{
"product_name": "Confluence Server",
"version": {
"version_data": [
{
"version_affected": "\u003e",
"version_value": "1.3.0"
},
{
"version_affected": "\u003c",
"version_value": "7.4.17"
},
{
"version_affected": "\u003e=",
"version_value": "7.13.0"
},
{
"version_affected": "\u003c",
"version_value": "7.13.7"
},
{
"version_affected": "\u003e=",
"version_value": "7.14.0"
},
{
"version_affected": "\u003c",
"version_value": "7.14.3"
},
{
"version_affected": "\u003e=",
"version_value": "7.15.0"
},
{
"version_affected": "\u003c",
"version_value": "7.15.2"
},
{
"version_affected": "\u003e=",
"version_value": "7.16.0"
},
{
"version_affected": "\u003c",
"version_value": "7.16.4"
},
{
"version_affected": "\u003e=",
"version_value": "7.17.0"
},
{
"version_affected": "\u003c",
"version_value": "7.17.4"
},
{
"version_affected": "\u003e=",
"version_value": "7.18.0"
},
{
"version_affected": "\u003c",
"version_value": "7.18.1"
}
]
}
}
]
},
"vendor_name": "Atlassian"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jira.atlassian.com/browse/CONFSERVER-79016",
"refsource": "MISC",
"url": "https://jira.atlassian.com/browse/CONFSERVER-79016"
},
{
"name": "http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html"
},
{
"name": "http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html"
},
{
"name": "http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html"
},
{
"name": "http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html"
},
{
"name": "https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html",
"refsource": "MISC",
"url": "https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
"assignerShortName": "atlassian",
"cveId": "CVE-2022-26134",
"datePublished": "2022-06-03T21:51:57.134Z",
"dateReserved": "2022-02-25T00:00:00.000Z",
"dateUpdated": "2025-10-21T23:15:38.769Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-26084 (GCVE-0-2021-26084)
Vulnerability from nvd
Published
2021-08-30 06:30
Modified
2025-10-21 23:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are before version 6.13.23, from version 6.14.0 before 7.4.11, from version 7.5.0 before 7.11.6, and from version 7.12.0 before 7.12.5.
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Atlassian | Confluence Server |
Version: unspecified < 6.13.23 Version: 6.14.0 < unspecified Version: unspecified < 7.4.11 Version: 7.5.0 < unspecified Version: unspecified < 7.11.6 Version: 7.12.0 < unspecified Version: unspecified < 7.12.5 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:19:19.592Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jira.atlassian.com/browse/CONFSERVER-67940"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2021-26084",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "rapid"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-24T03:55:33.630835Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2021-11-03",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-26084"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-917",
"description": "CWE-917 Improper Neutralization of Special Elements used in an Expression Language Statement (\u0027Expression Language Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:25:35.945Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-26084"
}
],
"timeline": [
{
"lang": "en",
"time": "2021-11-03T00:00:00+00:00",
"value": "CVE-2021-26084 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Confluence Server",
"vendor": "Atlassian",
"versions": [
{
"lessThan": "6.13.23",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "6.14.0",
"versionType": "custom"
},
{
"lessThan": "7.4.11",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.5.0",
"versionType": "custom"
},
{
"lessThan": "7.11.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.12.0",
"versionType": "custom"
},
{
"lessThan": "7.12.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Confluence Data Center",
"vendor": "Atlassian",
"versions": [
{
"lessThan": "6.13.23",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "6.14.0",
"versionType": "custom"
},
{
"lessThan": "7.4.11",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.5.0",
"versionType": "custom"
},
{
"lessThan": "7.11.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.12.0",
"versionType": "custom"
},
{
"lessThan": "7.12.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-08-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are before version 6.13.23, from version 6.14.0 before 7.4.11, from version 7.5.0 before 7.11.6, and from version 7.12.0 before 7.12.5."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-08T17:06:12.000Z",
"orgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
"shortName": "atlassian"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jira.atlassian.com/browse/CONFSERVER-67940"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@atlassian.com",
"DATE_PUBLIC": "2021-08-10T00:00:00",
"ID": "CVE-2021-26084",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Confluence Server",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "6.13.23"
},
{
"version_affected": "\u003e=",
"version_value": "6.14.0"
},
{
"version_affected": "\u003c",
"version_value": "7.4.11"
},
{
"version_affected": "\u003e=",
"version_value": "7.5.0"
},
{
"version_affected": "\u003c",
"version_value": "7.11.6"
},
{
"version_affected": "\u003e=",
"version_value": "7.12.0"
},
{
"version_affected": "\u003c",
"version_value": "7.12.5"
}
]
}
},
{
"product_name": "Confluence Data Center",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "6.13.23"
},
{
"version_affected": "\u003e=",
"version_value": "6.14.0"
},
{
"version_affected": "\u003c",
"version_value": "7.4.11"
},
{
"version_affected": "\u003e=",
"version_value": "7.5.0"
},
{
"version_affected": "\u003c",
"version_value": "7.11.6"
},
{
"version_affected": "\u003e=",
"version_value": "7.12.0"
},
{
"version_affected": "\u003c",
"version_value": "7.12.5"
}
]
}
}
]
},
"vendor_name": "Atlassian"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are before version 6.13.23, from version 6.14.0 before 7.4.11, from version 7.5.0 before 7.11.6, and from version 7.12.0 before 7.12.5."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jira.atlassian.com/browse/CONFSERVER-67940",
"refsource": "MISC",
"url": "https://jira.atlassian.com/browse/CONFSERVER-67940"
},
{
"name": "http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
"assignerShortName": "atlassian",
"cveId": "CVE-2021-26084",
"datePublished": "2021-08-30T06:30:14.248Z",
"dateReserved": "2021-01-25T00:00:00.000Z",
"dateUpdated": "2025-10-21T23:25:35.945Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-26085 (GCVE-0-2021-26085)
Vulnerability from nvd
Published
2021-08-03 00:00
Modified
2025-10-21 23:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Pre-Authorization Arbitrary File Read
Summary
Affected versions of Atlassian Confluence Server allow remote attackers to view restricted resources via a Pre-Authorization Arbitrary File Read vulnerability in the /s/ endpoint. The affected versions are before version 7.4.10, and from version 7.5.0 before 7.12.3.
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Atlassian | Confluence Server |
Version: unspecified < 7.4.10 Version: 7.5.0 < unspecified Version: unspecified < 7.12.3 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:19:19.799Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jira.atlassian.com/browse/CONFSERVER-67893"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/164401/Atlassian-Confluence-Server-7.5.1-Arbitrary-File-Read.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2021-26085",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-07T12:29:39.323995Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-03-28",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-26085"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-425",
"description": "CWE-425 Direct Request (\u0027Forced Browsing\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:25:39.229Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-26085"
}
],
"timeline": [
{
"lang": "en",
"time": "2022-03-28T00:00:00+00:00",
"value": "CVE-2021-26085 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Confluence Server",
"vendor": "Atlassian",
"versions": [
{
"lessThan": "7.4.10",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.5.0",
"versionType": "custom"
},
{
"lessThan": "7.12.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Confluence Data Center",
"vendor": "Atlassian",
"versions": [
{
"lessThan": "7.4.10",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.5.0",
"versionType": "custom"
},
{
"lessThan": "7.12.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-07-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Affected versions of Atlassian Confluence Server allow remote attackers to view restricted resources via a Pre-Authorization Arbitrary File Read vulnerability in the /s/ endpoint. The affected versions are before version 7.4.10, and from version 7.5.0 before 7.12.3."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Pre-Authorization Arbitrary File Read",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-05T16:06:18.000Z",
"orgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
"shortName": "atlassian"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jira.atlassian.com/browse/CONFSERVER-67893"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/164401/Atlassian-Confluence-Server-7.5.1-Arbitrary-File-Read.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@atlassian.com",
"DATE_PUBLIC": "2021-07-29T00:00:00",
"ID": "CVE-2021-26085",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Confluence Server",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "7.4.10"
},
{
"version_affected": "\u003e=",
"version_value": "7.5.0"
},
{
"version_affected": "\u003c",
"version_value": "7.12.3"
}
]
}
},
{
"product_name": "Confluence Data Center",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "7.4.10"
},
{
"version_affected": "\u003e=",
"version_value": "7.5.0"
},
{
"version_affected": "\u003c",
"version_value": "7.12.3"
}
]
}
}
]
},
"vendor_name": "Atlassian"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Affected versions of Atlassian Confluence Server allow remote attackers to view restricted resources via a Pre-Authorization Arbitrary File Read vulnerability in the /s/ endpoint. The affected versions are before version 7.4.10, and from version 7.5.0 before 7.12.3."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Pre-Authorization Arbitrary File Read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jira.atlassian.com/browse/CONFSERVER-67893",
"refsource": "MISC",
"url": "https://jira.atlassian.com/browse/CONFSERVER-67893"
},
{
"name": "http://packetstormsecurity.com/files/164401/Atlassian-Confluence-Server-7.5.1-Arbitrary-File-Read.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/164401/Atlassian-Confluence-Server-7.5.1-Arbitrary-File-Read.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
"assignerShortName": "atlassian",
"cveId": "CVE-2021-26085",
"datePublished": "2021-08-03T00:00:12.199Z",
"dateReserved": "2021-01-25T00:00:00.000Z",
"dateUpdated": "2025-10-21T23:25:39.229Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-3398 (GCVE-0-2019-3398)
Vulnerability from nvd
Published
2019-04-18 17:21
Modified
2025-10-21 23:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Path Traversal
Summary
Confluence Server and Data Center had a path traversal vulnerability in the downloadallattachments resource. A remote attacker who has permission to add attachments to pages and / or blogs or to create a new space or a personal space or who has 'Admin' permissions for a space can exploit this path traversal vulnerability to write files to arbitrary locations which can lead to remote code execution on systems that run a vulnerable version of Confluence Server or Data Center. All versions of Confluence Server from 2.0.0 before 6.6.13 (the fixed version for 6.6.x), from 6.7.0 before 6.12.4 (the fixed version for 6.12.x), from 6.13.0 before 6.13.4 (the fixed version for 6.13.x), from 6.14.0 before 6.14.3 (the fixed version for 6.14.x), and from 6.15.0 before 6.15.2 are affected by this vulnerability.
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Atlassian | Confluence |
Version: 2.0.0 < unspecified Version: unspecified < 6.6.13 Version: 6.7.0 < unspecified Version: unspecified < 6.12.4 Version: 6.13.0 < unspecified Version: unspecified < 6.13.4 Version: 6.14.0 < unspecified Version: unspecified < 6.14.3 Version: 6.15.0 < unspecified Version: unspecified < 6.15.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:12:09.521Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jira.atlassian.com/browse/CONFSERVER-58102"
},
{
"name": "20190424 Confluence Security Advisory - 2019-04-17",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Apr/33"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/152616/Confluence-Server-Data-Center-Path-Traversal.html"
},
{
"name": "108067",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/108067"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/155235/Atlassian-Confluence-6.15.1-Directory-Traversal.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/155245/Atlassian-Confluence-6.15.1-Directory-Traversal.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2019-3398",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-07T12:26:29.325819Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2021-11-03",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-3398"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:45:39.283Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-3398"
}
],
"timeline": [
{
"lang": "en",
"time": "2021-11-03T00:00:00+00:00",
"value": "CVE-2019-3398 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Confluence",
"vendor": "Atlassian",
"versions": [
{
"lessThan": "unspecified",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
},
{
"lessThan": "6.6.13",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "6.7.0",
"versionType": "custom"
},
{
"lessThan": "6.12.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "6.13.0",
"versionType": "custom"
},
{
"lessThan": "6.13.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "6.14.0",
"versionType": "custom"
},
{
"lessThan": "6.14.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "6.15.0",
"versionType": "custom"
},
{
"lessThan": "6.15.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-04-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Confluence Server and Data Center had a path traversal vulnerability in the downloadallattachments resource. A remote attacker who has permission to add attachments to pages and / or blogs or to create a new space or a personal space or who has \u0027Admin\u0027 permissions for a space can exploit this path traversal vulnerability to write files to arbitrary locations which can lead to remote code execution on systems that run a vulnerable version of Confluence Server or Data Center. All versions of Confluence Server from 2.0.0 before 6.6.13 (the fixed version for 6.6.x), from 6.7.0 before 6.12.4 (the fixed version for 6.12.x), from 6.13.0 before 6.13.4 (the fixed version for 6.13.x), from 6.14.0 before 6.14.3 (the fixed version for 6.14.x), and from 6.15.0 before 6.15.2 are affected by this vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Path Traversal",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-12T17:06:43.000Z",
"orgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
"shortName": "atlassian"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jira.atlassian.com/browse/CONFSERVER-58102"
},
{
"name": "20190424 Confluence Security Advisory - 2019-04-17",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Apr/33"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/152616/Confluence-Server-Data-Center-Path-Traversal.html"
},
{
"name": "108067",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/108067"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/155235/Atlassian-Confluence-6.15.1-Directory-Traversal.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/155245/Atlassian-Confluence-6.15.1-Directory-Traversal.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@atlassian.com",
"DATE_PUBLIC": "2019-04-17T00:00:00",
"ID": "CVE-2019-3398",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Confluence",
"version": {
"version_data": [
{
"version_affected": "\u003e=",
"version_value": "2.0.0"
},
{
"version_affected": "\u003c",
"version_value": "6.6.13"
},
{
"version_affected": "\u003e=",
"version_value": "6.7.0"
},
{
"version_affected": "\u003c",
"version_value": "6.12.4"
},
{
"version_affected": "\u003e=",
"version_value": "6.13.0"
},
{
"version_affected": "\u003c",
"version_value": "6.13.4"
},
{
"version_affected": "\u003e=",
"version_value": "6.14.0"
},
{
"version_affected": "\u003c",
"version_value": "6.14.3"
},
{
"version_affected": "\u003e=",
"version_value": "6.15.0"
},
{
"version_affected": "\u003c",
"version_value": "6.15.2"
}
]
}
}
]
},
"vendor_name": "Atlassian"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Confluence Server and Data Center had a path traversal vulnerability in the downloadallattachments resource. A remote attacker who has permission to add attachments to pages and / or blogs or to create a new space or a personal space or who has \u0027Admin\u0027 permissions for a space can exploit this path traversal vulnerability to write files to arbitrary locations which can lead to remote code execution on systems that run a vulnerable version of Confluence Server or Data Center. All versions of Confluence Server from 2.0.0 before 6.6.13 (the fixed version for 6.6.x), from 6.7.0 before 6.12.4 (the fixed version for 6.12.x), from 6.13.0 before 6.13.4 (the fixed version for 6.13.x), from 6.14.0 before 6.14.3 (the fixed version for 6.14.x), and from 6.15.0 before 6.15.2 are affected by this vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Path Traversal"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jira.atlassian.com/browse/CONFSERVER-58102",
"refsource": "MISC",
"url": "https://jira.atlassian.com/browse/CONFSERVER-58102"
},
{
"name": "20190424 Confluence Security Advisory - 2019-04-17",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/Apr/33"
},
{
"name": "http://packetstormsecurity.com/files/152616/Confluence-Server-Data-Center-Path-Traversal.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/152616/Confluence-Server-Data-Center-Path-Traversal.html"
},
{
"name": "108067",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/108067"
},
{
"name": "http://packetstormsecurity.com/files/155235/Atlassian-Confluence-6.15.1-Directory-Traversal.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/155235/Atlassian-Confluence-6.15.1-Directory-Traversal.html"
},
{
"name": "http://packetstormsecurity.com/files/155245/Atlassian-Confluence-6.15.1-Directory-Traversal.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/155245/Atlassian-Confluence-6.15.1-Directory-Traversal.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
"assignerShortName": "atlassian",
"cveId": "CVE-2019-3398",
"datePublished": "2019-04-18T17:21:37.687Z",
"dateReserved": "2018-12-19T00:00:00.000Z",
"dateUpdated": "2025-10-21T23:45:39.283Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-3396 (GCVE-0-2019-3396)
Vulnerability from nvd
Published
2019-03-25 18:37
Modified
2025-10-21 23:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Server-Side Template Injection
Summary
The Widget Connector macro in Atlassian Confluence Server before version 6.6.12 (the fixed version for 6.6.x), from version 6.7.0 before 6.12.3 (the fixed version for 6.12.x), from version 6.13.0 before 6.13.3 (the fixed version for 6.13.x), and from version 6.14.0 before 6.14.2 (the fixed version for 6.14.x), allows remote attackers to achieve path traversal and remote code execution on a Confluence Server or Data Center instance via server-side template injection.
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Atlassian | Confluence Server |
Version: unspecified < 6.6.12 Version: 6.7.0 < unspecified Version: unspecified < 6.12.3 Version: next of 6.13.0 < unspecified Version: unspecified < 6.13.3 Version: next of 6.14.0 < unspecified Version: unspecified < 6.14.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:12:09.544Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jira.atlassian.com/browse/CONFSERVER-57974"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/152568/Atlassian-Confluence-Widget-Connector-Macro-Velocity-Template-Injection.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.rapid7.com/db/modules/exploit/multi/http/confluence_widget_connector"
},
{
"name": "46731",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/46731/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/161065/Atlassian-Confluence-6.12.1-Template-Injection.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2019-3396",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-07T12:25:45.543931Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2021-11-03",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-3396"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:45:41.385Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-3396"
}
],
"timeline": [
{
"lang": "en",
"time": "2021-11-03T00:00:00+00:00",
"value": "CVE-2019-3396 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Confluence Server",
"vendor": "Atlassian",
"versions": [
{
"lessThan": "6.6.12",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "6.7.0",
"versionType": "custom"
},
{
"lessThan": "6.12.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "next of 6.13.0",
"versionType": "custom"
},
{
"lessThan": "6.13.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "next of 6.14.0",
"versionType": "custom"
},
{
"lessThan": "6.14.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-03-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Widget Connector macro in Atlassian Confluence Server before version 6.6.12 (the fixed version for 6.6.x), from version 6.7.0 before 6.12.3 (the fixed version for 6.12.x), from version 6.13.0 before 6.13.3 (the fixed version for 6.13.x), and from version 6.14.0 before 6.14.2 (the fixed version for 6.14.x), allows remote attackers to achieve path traversal and remote code execution on a Confluence Server or Data Center instance via server-side template injection."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Server-Side Template Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-22T16:06:08.000Z",
"orgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
"shortName": "atlassian"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jira.atlassian.com/browse/CONFSERVER-57974"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/152568/Atlassian-Confluence-Widget-Connector-Macro-Velocity-Template-Injection.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.rapid7.com/db/modules/exploit/multi/http/confluence_widget_connector"
},
{
"name": "46731",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/46731/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/161065/Atlassian-Confluence-6.12.1-Template-Injection.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@atlassian.com",
"DATE_PUBLIC": "2019-03-20T10:00:00",
"ID": "CVE-2019-3396",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Confluence Server",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "6.6.12"
},
{
"version_affected": "\u003e=",
"version_value": "6.7.0"
},
{
"version_affected": "\u003c",
"version_value": "6.12.3"
},
{
"version_affected": "\u003e",
"version_value": "6.13.0"
},
{
"version_affected": "\u003c",
"version_value": "6.13.3"
},
{
"version_affected": "\u003e",
"version_value": "6.14.0"
},
{
"version_affected": "\u003c",
"version_value": "6.14.2"
}
]
}
}
]
},
"vendor_name": "Atlassian"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Widget Connector macro in Atlassian Confluence Server before version 6.6.12 (the fixed version for 6.6.x), from version 6.7.0 before 6.12.3 (the fixed version for 6.12.x), from version 6.13.0 before 6.13.3 (the fixed version for 6.13.x), and from version 6.14.0 before 6.14.2 (the fixed version for 6.14.x), allows remote attackers to achieve path traversal and remote code execution on a Confluence Server or Data Center instance via server-side template injection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Server-Side Template Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jira.atlassian.com/browse/CONFSERVER-57974",
"refsource": "MISC",
"url": "https://jira.atlassian.com/browse/CONFSERVER-57974"
},
{
"name": "http://packetstormsecurity.com/files/152568/Atlassian-Confluence-Widget-Connector-Macro-Velocity-Template-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/152568/Atlassian-Confluence-Widget-Connector-Macro-Velocity-Template-Injection.html"
},
{
"name": "http://www.rapid7.com/db/modules/exploit/multi/http/confluence_widget_connector",
"refsource": "MISC",
"url": "http://www.rapid7.com/db/modules/exploit/multi/http/confluence_widget_connector"
},
{
"name": "46731",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/46731/"
},
{
"name": "http://packetstormsecurity.com/files/161065/Atlassian-Confluence-6.12.1-Template-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/161065/Atlassian-Confluence-6.12.1-Template-Injection.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
"assignerShortName": "atlassian",
"cveId": "CVE-2019-3396",
"datePublished": "2019-03-25T18:37:06.256Z",
"dateReserved": "2018-12-19T00:00:00.000Z",
"dateUpdated": "2025-10-21T23:45:41.385Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22527 (GCVE-0-2023-22527)
Vulnerability from cvelistv5
Published
2024-01-16 05:00
Modified
2025-10-21 23:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- RCE (Remote Code Execution)
Summary
A template injection vulnerability on older versions of Confluence Data Center and Server allows an unauthenticated attacker to achieve RCE on an affected instance. Customers using an affected version must take immediate action.
Most recent supported versions of Confluence Data Center and Server are not affected by this vulnerability as it was ultimately mitigated during regular version updates. However, Atlassian recommends that customers take care to install the latest version to protect their instances from non-critical vulnerabilities outlined in Atlassian’s January Security Bulletin.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Atlassian | Confluence Data Center |
Version: >= 8.0.0 Version: >= 8.1.0 Version: >= 8.2.0 Version: >= 8.3.0 Version: >= 8.4.0 Version: >= 8.5.0 Version: >= 8.5.1 Version: >= 8.5.2 Version: >= 8.5.3 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:atlassian:confluence_data_center:8.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "confluence_data_center",
"vendor": "atlassian",
"versions": [
{
"lessThan": "8.5.4",
"status": "affected",
"version": "8.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:atlassian:confluence_server:8.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "confluence_server",
"vendor": "atlassian",
"versions": [
{
"lessThan": "8.5.4",
"status": "affected",
"version": "8.0.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22527",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-14T05:00:58.661097Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-01-24",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-22527"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:05:28.527Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-22527"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-01-24T00:00:00+00:00",
"value": "CVE-2023-22527 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-19T07:47:54.708Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1333335615"
},
{
"tags": [
"x_transferred"
],
"url": "https://jira.atlassian.com/browse/CONFSERVER-93833"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/176789/Atlassian-Confluence-SSTI-Injection.html"
},
{
"url": "https://www.vicarius.io/vsociety/posts/pwning-confluence-via-ognl-injection-for-fun-and-learning-cve-2023-22527"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Confluence Data Center",
"vendor": "Atlassian",
"versions": [
{
"status": "unaffected",
"version": "\u003c 8.0.0"
},
{
"status": "affected",
"version": "\u003e= 8.0.0"
},
{
"status": "affected",
"version": "\u003e= 8.1.0"
},
{
"status": "affected",
"version": "\u003e= 8.2.0"
},
{
"status": "affected",
"version": "\u003e= 8.3.0"
},
{
"status": "affected",
"version": "\u003e= 8.4.0"
},
{
"status": "affected",
"version": "\u003e= 8.5.0"
},
{
"status": "affected",
"version": "\u003e= 8.5.1"
},
{
"status": "affected",
"version": "\u003e= 8.5.2"
},
{
"status": "affected",
"version": "\u003e= 8.5.3"
},
{
"status": "unaffected",
"version": "\u003e= 8.5.4"
},
{
"status": "unaffected",
"version": "\u003e= 8.6.0"
},
{
"status": "unaffected",
"version": "\u003e= 8.7.1"
}
]
},
{
"product": "Confluence Server",
"vendor": "Atlassian",
"versions": [
{
"status": "unaffected",
"version": "\u003c 8.0.0"
},
{
"status": "affected",
"version": "\u003e= 8.0.0"
},
{
"status": "affected",
"version": "\u003e= 8.1.0"
},
{
"status": "affected",
"version": "\u003e= 8.2.0"
},
{
"status": "affected",
"version": "\u003e= 8.3.0"
},
{
"status": "affected",
"version": "\u003e= 8.4.0"
},
{
"status": "affected",
"version": "\u003e= 8.5.0"
},
{
"status": "affected",
"version": "\u003e= 8.5.1"
},
{
"status": "affected",
"version": "\u003e= 8.5.2"
},
{
"status": "affected",
"version": "\u003e= 8.5.3"
},
{
"status": "unaffected",
"version": "\u003e= 8.5.4"
},
{
"status": "unaffected",
"version": "\u003e= 8.6.0"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Petrus Viet"
}
],
"descriptions": [
{
"lang": "en",
"value": "A template injection vulnerability on older versions of Confluence Data Center and Server allows an unauthenticated attacker to achieve RCE on an affected instance. Customers using an affected version must take immediate action.\n\nMost recent supported versions of Confluence Data Center and Server are not affected by this vulnerability as it was ultimately mitigated during regular version updates. However, Atlassian recommends that customers take care to install the latest version to protect their instances from non-critical vulnerabilities outlined in Atlassian\u2019s January Security Bulletin."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 10,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "RCE (Remote Code Execution)",
"lang": "en",
"type": "RCE (Remote Code Execution)"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-26T17:06:21.681Z",
"orgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
"shortName": "atlassian"
},
"references": [
{
"url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1333335615"
},
{
"url": "https://jira.atlassian.com/browse/CONFSERVER-93833"
},
{
"url": "http://packetstormsecurity.com/files/176789/Atlassian-Confluence-SSTI-Injection.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
"assignerShortName": "atlassian",
"cveId": "CVE-2023-22527",
"datePublished": "2024-01-16T05:00:00.692Z",
"dateReserved": "2023-01-01T00:01:22.333Z",
"dateUpdated": "2025-10-21T23:05:28.527Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22518 (GCVE-0-2023-22518)
Vulnerability from cvelistv5
Published
2023-10-31 14:30
Modified
2025-10-21 23:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Improper Authorization
Summary
All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. This Improper Authorization vulnerability allows an unauthenticated attacker to reset Confluence and create a Confluence instance administrator account. Using this account, an attacker can then perform all administrative actions that are available to Confluence instance administrator leading to - but not limited to - full loss of confidentiality, integrity and availability.
Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Atlassian | Confluence Data Center |
Version: >= 1.0.0 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:13:48.670Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1311473907"
},
{
"tags": [
"x_transferred"
],
"url": "https://jira.atlassian.com/browse/CONFSERVER-93142"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/176264/Atlassian-Confluence-Improper-Authorization-Code-Execution.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22518",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-03T16:33:26.216427Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2023-11-07",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-22518"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:05:32.975Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-22518"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-11-07T00:00:00+00:00",
"value": "CVE-2023-22518 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Confluence Data Center",
"vendor": "Atlassian",
"versions": [
{
"status": "unaffected",
"version": "\u003c 1.0.0"
},
{
"status": "affected",
"version": "\u003e= 1.0.0"
},
{
"status": "unaffected",
"version": "\u003e= 7.19.16"
},
{
"status": "unaffected",
"version": "\u003e= 8.3.4"
},
{
"status": "unaffected",
"version": "\u003e= 8.4.4"
},
{
"status": "unaffected",
"version": "\u003e= 8.5.3"
},
{
"status": "unaffected",
"version": "\u003e= 8.6.1"
}
]
},
{
"product": "Confluence Server",
"vendor": "Atlassian",
"versions": [
{
"status": "unaffected",
"version": "\u003c 1.0.0"
},
{
"status": "affected",
"version": "\u003e= 1.0.0"
},
{
"status": "unaffected",
"version": "\u003e= 7.19.16"
},
{
"status": "unaffected",
"version": "\u003e= 8.3.4"
},
{
"status": "unaffected",
"version": "\u003e= 8.4.4"
},
{
"status": "unaffected",
"version": "\u003e= 8.5.3"
},
{
"status": "unaffected",
"version": "\u003e= 8.6.1"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "-"
}
],
"descriptions": [
{
"lang": "en",
"value": "All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. This Improper Authorization vulnerability allows an unauthenticated attacker to reset Confluence and create a Confluence instance administrator account. Using this account, an attacker can then perform all administrative actions that are available to\u00a0Confluence instance administrator leading to - but not limited to - full loss of confidentiality, integrity and availability.\u00a0\n\nAtlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 10,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Authorization",
"lang": "en",
"type": "Improper Authorization"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-19T16:06:15.741Z",
"orgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
"shortName": "atlassian"
},
"references": [
{
"url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1311473907"
},
{
"url": "https://jira.atlassian.com/browse/CONFSERVER-93142"
},
{
"url": "http://packetstormsecurity.com/files/176264/Atlassian-Confluence-Improper-Authorization-Code-Execution.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
"assignerShortName": "atlassian",
"cveId": "CVE-2023-22518",
"datePublished": "2023-10-31T14:30:00.418Z",
"dateReserved": "2023-01-01T00:01:22.332Z",
"dateUpdated": "2025-10-21T23:05:32.975Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22515 (GCVE-0-2023-22515)
Vulnerability from cvelistv5
Published
2023-10-04 14:00
Modified
2025-10-21 23:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- BASM (Broken Authentication & Session Management)
Summary
Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances.
Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Atlassian | Confluence Data Center |
Version: >= 8.0.0 Version: >= 8.0.1 Version: >= 8.0.2 Version: >= 8.0.3 Version: >= 8.1.3 Version: >= 8.1.4 Version: >= 8.2.0 Version: >= 8.2.1 Version: >= 8.2.2 Version: >= 8.2.3 Version: >= 8.3.0 Version: >= 8.3.1 Version: >= 8.3.2 Version: >= 8.4.0 Version: >= 8.4.1 Version: >= 8.4.2 Version: >= 8.5.0 Version: >= 8.5.1 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:13:48.693Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/175225/Atlassian-Confluence-Unauthenticated-Remote-Code-Execution.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://confluence.atlassian.com/display/KB/FAQ+for+CVE-2023-22515"
},
{
"tags": [
"x_transferred"
],
"url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1295682276"
},
{
"tags": [
"x_transferred"
],
"url": "https://jira.atlassian.com/browse/CONFSERVER-92475"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "confluence_data_center",
"vendor": "atlassian",
"versions": [
{
"lessThan": "8.3.3",
"status": "affected",
"version": "8.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "confluence_data_center",
"vendor": "atlassian",
"versions": [
{
"lessThan": "8.4.3",
"status": "affected",
"version": "8.4.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "confluence_data_center",
"vendor": "atlassian",
"versions": [
{
"lessThan": "8.5.2",
"status": "affected",
"version": "8.5.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "confluence_server",
"vendor": "atlassian",
"versions": [
{
"lessThan": "8.3.3",
"status": "affected",
"version": "8.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "confluence_server",
"vendor": "atlassian",
"versions": [
{
"lessThan": "8.4.3",
"status": "affected",
"version": "8.4.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "confluence_server",
"vendor": "atlassian",
"versions": [
{
"lessThan": "8.5.2",
"status": "affected",
"version": "8.5.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-22515",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2023-12-09T05:05:17.297744Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2023-10-05",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-22515"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:05:35.521Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-22515"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-10-05T00:00:00+00:00",
"value": "CVE-2023-22515 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Confluence Data Center",
"vendor": "Atlassian",
"versions": [
{
"status": "unaffected",
"version": "\u003c 8.0.0"
},
{
"status": "affected",
"version": "\u003e= 8.0.0"
},
{
"status": "affected",
"version": "\u003e= 8.0.1"
},
{
"status": "affected",
"version": "\u003e= 8.0.2"
},
{
"status": "affected",
"version": "\u003e= 8.0.3"
},
{
"status": "affected",
"version": "\u003e= 8.1.3"
},
{
"status": "affected",
"version": "\u003e= 8.1.4"
},
{
"status": "affected",
"version": "\u003e= 8.2.0"
},
{
"status": "affected",
"version": "\u003e= 8.2.1"
},
{
"status": "affected",
"version": "\u003e= 8.2.2"
},
{
"status": "affected",
"version": "\u003e= 8.2.3"
},
{
"status": "affected",
"version": "\u003e= 8.3.0"
},
{
"status": "affected",
"version": "\u003e= 8.3.1"
},
{
"status": "affected",
"version": "\u003e= 8.3.2"
},
{
"status": "affected",
"version": "\u003e= 8.4.0"
},
{
"status": "affected",
"version": "\u003e= 8.4.1"
},
{
"status": "affected",
"version": "\u003e= 8.4.2"
},
{
"status": "affected",
"version": "\u003e= 8.5.0"
},
{
"status": "affected",
"version": "\u003e= 8.5.1"
},
{
"status": "unaffected",
"version": "\u003e= 8.3.3"
},
{
"status": "unaffected",
"version": "\u003e= 8.4.3"
},
{
"status": "unaffected",
"version": "\u003e= 8.5.2"
}
]
},
{
"product": "Confluence Server",
"vendor": "Atlassian",
"versions": [
{
"status": "unaffected",
"version": "\u003c 8.0.0"
},
{
"status": "affected",
"version": "\u003e= 8.0.0"
},
{
"status": "affected",
"version": "\u003e= 8.0.1"
},
{
"status": "affected",
"version": "\u003e= 8.0.2"
},
{
"status": "affected",
"version": "\u003e= 8.0.3"
},
{
"status": "affected",
"version": "\u003e= 8.1.3"
},
{
"status": "affected",
"version": "\u003e= 8.1.4"
},
{
"status": "affected",
"version": "\u003e= 8.2.0"
},
{
"status": "affected",
"version": "\u003e= 8.2.1"
},
{
"status": "affected",
"version": "\u003e= 8.2.2"
},
{
"status": "affected",
"version": "\u003e= 8.2.3"
},
{
"status": "affected",
"version": "\u003e= 8.3.0"
},
{
"status": "affected",
"version": "\u003e= 8.3.1"
},
{
"status": "affected",
"version": "\u003e= 8.3.2"
},
{
"status": "affected",
"version": "\u003e= 8.4.0"
},
{
"status": "affected",
"version": "\u003e= 8.4.1"
},
{
"status": "affected",
"version": "\u003e= 8.4.2"
},
{
"status": "affected",
"version": "\u003e= 8.5.0"
},
{
"status": "affected",
"version": "\u003e= 8.5.1"
},
{
"status": "unaffected",
"version": "\u003e= 8.3.3"
},
{
"status": "unaffected",
"version": "\u003e= 8.4.3"
},
{
"status": "unaffected",
"version": "\u003e= 8.5.2"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "an Atlassian customer"
}
],
"descriptions": [
{
"lang": "en",
"value": "Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances. \r\n\r\nAtlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue. "
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 10,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "BASM (Broken Authentication \u0026 Session Management)",
"lang": "en",
"type": "BASM (Broken Authentication \u0026 Session Management)"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-20T16:00:01.026Z",
"orgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
"shortName": "atlassian"
},
"references": [
{
"url": "http://packetstormsecurity.com/files/175225/Atlassian-Confluence-Unauthenticated-Remote-Code-Execution.html"
},
{
"url": "https://confluence.atlassian.com/display/KB/FAQ+for+CVE-2023-22515"
},
{
"url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1295682276"
},
{
"url": "https://jira.atlassian.com/browse/CONFSERVER-92475"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
"assignerShortName": "atlassian",
"cveId": "CVE-2023-22515",
"datePublished": "2023-10-04T14:00:00.820Z",
"dateReserved": "2023-01-01T00:01:22.331Z",
"dateUpdated": "2025-10-21T23:05:35.521Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-26134 (GCVE-0-2022-26134)
Vulnerability from cvelistv5
Published
2022-06-03 21:51
Modified
2025-10-21 23:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1.
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Atlassian | Confluence Data Center |
Version: next of 1.3.0 < unspecified Version: unspecified < 7.4.17 Version: 7.13.0 < unspecified Version: unspecified < 7.13.7 Version: 7.14.0 < unspecified Version: unspecified < 7.14.3 Version: 7.15.0 < unspecified Version: unspecified < 7.15.2 Version: 7.16.0 < unspecified Version: unspecified < 7.16.4 Version: 7.17.0 < unspecified Version: unspecified < 7.17.4 Version: 7.18.0 < unspecified Version: unspecified < 7.18.1 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:56:37.787Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jira.atlassian.com/browse/CONFSERVER-79016"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-26134",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-04T14:18:48.606174Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-06-02",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-26134"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-917",
"description": "CWE-917 Improper Neutralization of Special Elements used in an Expression Language Statement (\u0027Expression Language Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:15:38.769Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-26134"
}
],
"timeline": [
{
"lang": "en",
"time": "2022-06-02T00:00:00+00:00",
"value": "CVE-2022-26134 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Confluence Data Center",
"vendor": "Atlassian",
"versions": [
{
"lessThan": "unspecified",
"status": "affected",
"version": "next of 1.3.0",
"versionType": "custom"
},
{
"lessThan": "7.4.17",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.13.0",
"versionType": "custom"
},
{
"lessThan": "7.13.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.14.0",
"versionType": "custom"
},
{
"lessThan": "7.14.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.15.0",
"versionType": "custom"
},
{
"lessThan": "7.15.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.16.0",
"versionType": "custom"
},
{
"lessThan": "7.16.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.17.0",
"versionType": "custom"
},
{
"lessThan": "7.17.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.18.0",
"versionType": "custom"
},
{
"lessThan": "7.18.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Confluence Server",
"vendor": "Atlassian",
"versions": [
{
"lessThan": "unspecified",
"status": "affected",
"version": "next of 1.3.0",
"versionType": "custom"
},
{
"lessThan": "7.4.17",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.13.0",
"versionType": "custom"
},
{
"lessThan": "7.13.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.14.0",
"versionType": "custom"
},
{
"lessThan": "7.14.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.15.0",
"versionType": "custom"
},
{
"lessThan": "7.15.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.16.0",
"versionType": "custom"
},
{
"lessThan": "7.16.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.17.0",
"versionType": "custom"
},
{
"lessThan": "7.17.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.18.0",
"versionType": "custom"
},
{
"lessThan": "7.18.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-05-31T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-30T05:20:13.000Z",
"orgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
"shortName": "atlassian"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jira.atlassian.com/browse/CONFSERVER-79016"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@atlassian.com",
"DATE_PUBLIC": "2022-05-31T20:00:00",
"ID": "CVE-2022-26134",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Confluence Data Center",
"version": {
"version_data": [
{
"version_affected": "\u003e",
"version_value": "1.3.0"
},
{
"version_affected": "\u003c",
"version_value": "7.4.17"
},
{
"version_affected": "\u003e=",
"version_value": "7.13.0"
},
{
"version_affected": "\u003c",
"version_value": "7.13.7"
},
{
"version_affected": "\u003e=",
"version_value": "7.14.0"
},
{
"version_affected": "\u003c",
"version_value": "7.14.3"
},
{
"version_affected": "\u003e=",
"version_value": "7.15.0"
},
{
"version_affected": "\u003c",
"version_value": "7.15.2"
},
{
"version_affected": "\u003e=",
"version_value": "7.16.0"
},
{
"version_affected": "\u003c",
"version_value": "7.16.4"
},
{
"version_affected": "\u003e=",
"version_value": "7.17.0"
},
{
"version_affected": "\u003c",
"version_value": "7.17.4"
},
{
"version_affected": "\u003e=",
"version_value": "7.18.0"
},
{
"version_affected": "\u003c",
"version_value": "7.18.1"
}
]
}
},
{
"product_name": "Confluence Server",
"version": {
"version_data": [
{
"version_affected": "\u003e",
"version_value": "1.3.0"
},
{
"version_affected": "\u003c",
"version_value": "7.4.17"
},
{
"version_affected": "\u003e=",
"version_value": "7.13.0"
},
{
"version_affected": "\u003c",
"version_value": "7.13.7"
},
{
"version_affected": "\u003e=",
"version_value": "7.14.0"
},
{
"version_affected": "\u003c",
"version_value": "7.14.3"
},
{
"version_affected": "\u003e=",
"version_value": "7.15.0"
},
{
"version_affected": "\u003c",
"version_value": "7.15.2"
},
{
"version_affected": "\u003e=",
"version_value": "7.16.0"
},
{
"version_affected": "\u003c",
"version_value": "7.16.4"
},
{
"version_affected": "\u003e=",
"version_value": "7.17.0"
},
{
"version_affected": "\u003c",
"version_value": "7.17.4"
},
{
"version_affected": "\u003e=",
"version_value": "7.18.0"
},
{
"version_affected": "\u003c",
"version_value": "7.18.1"
}
]
}
}
]
},
"vendor_name": "Atlassian"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jira.atlassian.com/browse/CONFSERVER-79016",
"refsource": "MISC",
"url": "https://jira.atlassian.com/browse/CONFSERVER-79016"
},
{
"name": "http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html"
},
{
"name": "http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html"
},
{
"name": "http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html"
},
{
"name": "http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html"
},
{
"name": "https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html",
"refsource": "MISC",
"url": "https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
"assignerShortName": "atlassian",
"cveId": "CVE-2022-26134",
"datePublished": "2022-06-03T21:51:57.134Z",
"dateReserved": "2022-02-25T00:00:00.000Z",
"dateUpdated": "2025-10-21T23:15:38.769Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-26084 (GCVE-0-2021-26084)
Vulnerability from cvelistv5
Published
2021-08-30 06:30
Modified
2025-10-21 23:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are before version 6.13.23, from version 6.14.0 before 7.4.11, from version 7.5.0 before 7.11.6, and from version 7.12.0 before 7.12.5.
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Atlassian | Confluence Server |
Version: unspecified < 6.13.23 Version: 6.14.0 < unspecified Version: unspecified < 7.4.11 Version: 7.5.0 < unspecified Version: unspecified < 7.11.6 Version: 7.12.0 < unspecified Version: unspecified < 7.12.5 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:19:19.592Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jira.atlassian.com/browse/CONFSERVER-67940"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2021-26084",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "rapid"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-24T03:55:33.630835Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2021-11-03",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-26084"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-917",
"description": "CWE-917 Improper Neutralization of Special Elements used in an Expression Language Statement (\u0027Expression Language Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:25:35.945Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-26084"
}
],
"timeline": [
{
"lang": "en",
"time": "2021-11-03T00:00:00+00:00",
"value": "CVE-2021-26084 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Confluence Server",
"vendor": "Atlassian",
"versions": [
{
"lessThan": "6.13.23",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "6.14.0",
"versionType": "custom"
},
{
"lessThan": "7.4.11",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.5.0",
"versionType": "custom"
},
{
"lessThan": "7.11.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.12.0",
"versionType": "custom"
},
{
"lessThan": "7.12.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Confluence Data Center",
"vendor": "Atlassian",
"versions": [
{
"lessThan": "6.13.23",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "6.14.0",
"versionType": "custom"
},
{
"lessThan": "7.4.11",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.5.0",
"versionType": "custom"
},
{
"lessThan": "7.11.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.12.0",
"versionType": "custom"
},
{
"lessThan": "7.12.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-08-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are before version 6.13.23, from version 6.14.0 before 7.4.11, from version 7.5.0 before 7.11.6, and from version 7.12.0 before 7.12.5."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-08T17:06:12.000Z",
"orgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
"shortName": "atlassian"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jira.atlassian.com/browse/CONFSERVER-67940"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@atlassian.com",
"DATE_PUBLIC": "2021-08-10T00:00:00",
"ID": "CVE-2021-26084",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Confluence Server",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "6.13.23"
},
{
"version_affected": "\u003e=",
"version_value": "6.14.0"
},
{
"version_affected": "\u003c",
"version_value": "7.4.11"
},
{
"version_affected": "\u003e=",
"version_value": "7.5.0"
},
{
"version_affected": "\u003c",
"version_value": "7.11.6"
},
{
"version_affected": "\u003e=",
"version_value": "7.12.0"
},
{
"version_affected": "\u003c",
"version_value": "7.12.5"
}
]
}
},
{
"product_name": "Confluence Data Center",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "6.13.23"
},
{
"version_affected": "\u003e=",
"version_value": "6.14.0"
},
{
"version_affected": "\u003c",
"version_value": "7.4.11"
},
{
"version_affected": "\u003e=",
"version_value": "7.5.0"
},
{
"version_affected": "\u003c",
"version_value": "7.11.6"
},
{
"version_affected": "\u003e=",
"version_value": "7.12.0"
},
{
"version_affected": "\u003c",
"version_value": "7.12.5"
}
]
}
}
]
},
"vendor_name": "Atlassian"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are before version 6.13.23, from version 6.14.0 before 7.4.11, from version 7.5.0 before 7.11.6, and from version 7.12.0 before 7.12.5."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jira.atlassian.com/browse/CONFSERVER-67940",
"refsource": "MISC",
"url": "https://jira.atlassian.com/browse/CONFSERVER-67940"
},
{
"name": "http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
"assignerShortName": "atlassian",
"cveId": "CVE-2021-26084",
"datePublished": "2021-08-30T06:30:14.248Z",
"dateReserved": "2021-01-25T00:00:00.000Z",
"dateUpdated": "2025-10-21T23:25:35.945Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-26085 (GCVE-0-2021-26085)
Vulnerability from cvelistv5
Published
2021-08-03 00:00
Modified
2025-10-21 23:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Pre-Authorization Arbitrary File Read
Summary
Affected versions of Atlassian Confluence Server allow remote attackers to view restricted resources via a Pre-Authorization Arbitrary File Read vulnerability in the /s/ endpoint. The affected versions are before version 7.4.10, and from version 7.5.0 before 7.12.3.
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Atlassian | Confluence Server |
Version: unspecified < 7.4.10 Version: 7.5.0 < unspecified Version: unspecified < 7.12.3 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:19:19.799Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jira.atlassian.com/browse/CONFSERVER-67893"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/164401/Atlassian-Confluence-Server-7.5.1-Arbitrary-File-Read.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2021-26085",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-07T12:29:39.323995Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-03-28",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-26085"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-425",
"description": "CWE-425 Direct Request (\u0027Forced Browsing\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:25:39.229Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-26085"
}
],
"timeline": [
{
"lang": "en",
"time": "2022-03-28T00:00:00+00:00",
"value": "CVE-2021-26085 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Confluence Server",
"vendor": "Atlassian",
"versions": [
{
"lessThan": "7.4.10",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.5.0",
"versionType": "custom"
},
{
"lessThan": "7.12.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Confluence Data Center",
"vendor": "Atlassian",
"versions": [
{
"lessThan": "7.4.10",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "7.5.0",
"versionType": "custom"
},
{
"lessThan": "7.12.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-07-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Affected versions of Atlassian Confluence Server allow remote attackers to view restricted resources via a Pre-Authorization Arbitrary File Read vulnerability in the /s/ endpoint. The affected versions are before version 7.4.10, and from version 7.5.0 before 7.12.3."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Pre-Authorization Arbitrary File Read",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-05T16:06:18.000Z",
"orgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
"shortName": "atlassian"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jira.atlassian.com/browse/CONFSERVER-67893"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/164401/Atlassian-Confluence-Server-7.5.1-Arbitrary-File-Read.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@atlassian.com",
"DATE_PUBLIC": "2021-07-29T00:00:00",
"ID": "CVE-2021-26085",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Confluence Server",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "7.4.10"
},
{
"version_affected": "\u003e=",
"version_value": "7.5.0"
},
{
"version_affected": "\u003c",
"version_value": "7.12.3"
}
]
}
},
{
"product_name": "Confluence Data Center",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "7.4.10"
},
{
"version_affected": "\u003e=",
"version_value": "7.5.0"
},
{
"version_affected": "\u003c",
"version_value": "7.12.3"
}
]
}
}
]
},
"vendor_name": "Atlassian"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Affected versions of Atlassian Confluence Server allow remote attackers to view restricted resources via a Pre-Authorization Arbitrary File Read vulnerability in the /s/ endpoint. The affected versions are before version 7.4.10, and from version 7.5.0 before 7.12.3."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Pre-Authorization Arbitrary File Read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jira.atlassian.com/browse/CONFSERVER-67893",
"refsource": "MISC",
"url": "https://jira.atlassian.com/browse/CONFSERVER-67893"
},
{
"name": "http://packetstormsecurity.com/files/164401/Atlassian-Confluence-Server-7.5.1-Arbitrary-File-Read.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/164401/Atlassian-Confluence-Server-7.5.1-Arbitrary-File-Read.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
"assignerShortName": "atlassian",
"cveId": "CVE-2021-26085",
"datePublished": "2021-08-03T00:00:12.199Z",
"dateReserved": "2021-01-25T00:00:00.000Z",
"dateUpdated": "2025-10-21T23:25:39.229Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-3398 (GCVE-0-2019-3398)
Vulnerability from cvelistv5
Published
2019-04-18 17:21
Modified
2025-10-21 23:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Path Traversal
Summary
Confluence Server and Data Center had a path traversal vulnerability in the downloadallattachments resource. A remote attacker who has permission to add attachments to pages and / or blogs or to create a new space or a personal space or who has 'Admin' permissions for a space can exploit this path traversal vulnerability to write files to arbitrary locations which can lead to remote code execution on systems that run a vulnerable version of Confluence Server or Data Center. All versions of Confluence Server from 2.0.0 before 6.6.13 (the fixed version for 6.6.x), from 6.7.0 before 6.12.4 (the fixed version for 6.12.x), from 6.13.0 before 6.13.4 (the fixed version for 6.13.x), from 6.14.0 before 6.14.3 (the fixed version for 6.14.x), and from 6.15.0 before 6.15.2 are affected by this vulnerability.
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Atlassian | Confluence |
Version: 2.0.0 < unspecified Version: unspecified < 6.6.13 Version: 6.7.0 < unspecified Version: unspecified < 6.12.4 Version: 6.13.0 < unspecified Version: unspecified < 6.13.4 Version: 6.14.0 < unspecified Version: unspecified < 6.14.3 Version: 6.15.0 < unspecified Version: unspecified < 6.15.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:12:09.521Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jira.atlassian.com/browse/CONFSERVER-58102"
},
{
"name": "20190424 Confluence Security Advisory - 2019-04-17",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Apr/33"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/152616/Confluence-Server-Data-Center-Path-Traversal.html"
},
{
"name": "108067",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/108067"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/155235/Atlassian-Confluence-6.15.1-Directory-Traversal.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/155245/Atlassian-Confluence-6.15.1-Directory-Traversal.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2019-3398",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-07T12:26:29.325819Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2021-11-03",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-3398"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:45:39.283Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-3398"
}
],
"timeline": [
{
"lang": "en",
"time": "2021-11-03T00:00:00+00:00",
"value": "CVE-2019-3398 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Confluence",
"vendor": "Atlassian",
"versions": [
{
"lessThan": "unspecified",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
},
{
"lessThan": "6.6.13",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "6.7.0",
"versionType": "custom"
},
{
"lessThan": "6.12.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "6.13.0",
"versionType": "custom"
},
{
"lessThan": "6.13.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "6.14.0",
"versionType": "custom"
},
{
"lessThan": "6.14.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "6.15.0",
"versionType": "custom"
},
{
"lessThan": "6.15.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-04-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Confluence Server and Data Center had a path traversal vulnerability in the downloadallattachments resource. A remote attacker who has permission to add attachments to pages and / or blogs or to create a new space or a personal space or who has \u0027Admin\u0027 permissions for a space can exploit this path traversal vulnerability to write files to arbitrary locations which can lead to remote code execution on systems that run a vulnerable version of Confluence Server or Data Center. All versions of Confluence Server from 2.0.0 before 6.6.13 (the fixed version for 6.6.x), from 6.7.0 before 6.12.4 (the fixed version for 6.12.x), from 6.13.0 before 6.13.4 (the fixed version for 6.13.x), from 6.14.0 before 6.14.3 (the fixed version for 6.14.x), and from 6.15.0 before 6.15.2 are affected by this vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Path Traversal",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-12T17:06:43.000Z",
"orgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
"shortName": "atlassian"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jira.atlassian.com/browse/CONFSERVER-58102"
},
{
"name": "20190424 Confluence Security Advisory - 2019-04-17",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Apr/33"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/152616/Confluence-Server-Data-Center-Path-Traversal.html"
},
{
"name": "108067",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/108067"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/155235/Atlassian-Confluence-6.15.1-Directory-Traversal.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/155245/Atlassian-Confluence-6.15.1-Directory-Traversal.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@atlassian.com",
"DATE_PUBLIC": "2019-04-17T00:00:00",
"ID": "CVE-2019-3398",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Confluence",
"version": {
"version_data": [
{
"version_affected": "\u003e=",
"version_value": "2.0.0"
},
{
"version_affected": "\u003c",
"version_value": "6.6.13"
},
{
"version_affected": "\u003e=",
"version_value": "6.7.0"
},
{
"version_affected": "\u003c",
"version_value": "6.12.4"
},
{
"version_affected": "\u003e=",
"version_value": "6.13.0"
},
{
"version_affected": "\u003c",
"version_value": "6.13.4"
},
{
"version_affected": "\u003e=",
"version_value": "6.14.0"
},
{
"version_affected": "\u003c",
"version_value": "6.14.3"
},
{
"version_affected": "\u003e=",
"version_value": "6.15.0"
},
{
"version_affected": "\u003c",
"version_value": "6.15.2"
}
]
}
}
]
},
"vendor_name": "Atlassian"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Confluence Server and Data Center had a path traversal vulnerability in the downloadallattachments resource. A remote attacker who has permission to add attachments to pages and / or blogs or to create a new space or a personal space or who has \u0027Admin\u0027 permissions for a space can exploit this path traversal vulnerability to write files to arbitrary locations which can lead to remote code execution on systems that run a vulnerable version of Confluence Server or Data Center. All versions of Confluence Server from 2.0.0 before 6.6.13 (the fixed version for 6.6.x), from 6.7.0 before 6.12.4 (the fixed version for 6.12.x), from 6.13.0 before 6.13.4 (the fixed version for 6.13.x), from 6.14.0 before 6.14.3 (the fixed version for 6.14.x), and from 6.15.0 before 6.15.2 are affected by this vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Path Traversal"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jira.atlassian.com/browse/CONFSERVER-58102",
"refsource": "MISC",
"url": "https://jira.atlassian.com/browse/CONFSERVER-58102"
},
{
"name": "20190424 Confluence Security Advisory - 2019-04-17",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/Apr/33"
},
{
"name": "http://packetstormsecurity.com/files/152616/Confluence-Server-Data-Center-Path-Traversal.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/152616/Confluence-Server-Data-Center-Path-Traversal.html"
},
{
"name": "108067",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/108067"
},
{
"name": "http://packetstormsecurity.com/files/155235/Atlassian-Confluence-6.15.1-Directory-Traversal.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/155235/Atlassian-Confluence-6.15.1-Directory-Traversal.html"
},
{
"name": "http://packetstormsecurity.com/files/155245/Atlassian-Confluence-6.15.1-Directory-Traversal.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/155245/Atlassian-Confluence-6.15.1-Directory-Traversal.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
"assignerShortName": "atlassian",
"cveId": "CVE-2019-3398",
"datePublished": "2019-04-18T17:21:37.687Z",
"dateReserved": "2018-12-19T00:00:00.000Z",
"dateUpdated": "2025-10-21T23:45:39.283Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-3396 (GCVE-0-2019-3396)
Vulnerability from cvelistv5
Published
2019-03-25 18:37
Modified
2025-10-21 23:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Server-Side Template Injection
Summary
The Widget Connector macro in Atlassian Confluence Server before version 6.6.12 (the fixed version for 6.6.x), from version 6.7.0 before 6.12.3 (the fixed version for 6.12.x), from version 6.13.0 before 6.13.3 (the fixed version for 6.13.x), and from version 6.14.0 before 6.14.2 (the fixed version for 6.14.x), allows remote attackers to achieve path traversal and remote code execution on a Confluence Server or Data Center instance via server-side template injection.
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Atlassian | Confluence Server |
Version: unspecified < 6.6.12 Version: 6.7.0 < unspecified Version: unspecified < 6.12.3 Version: next of 6.13.0 < unspecified Version: unspecified < 6.13.3 Version: next of 6.14.0 < unspecified Version: unspecified < 6.14.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:12:09.544Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jira.atlassian.com/browse/CONFSERVER-57974"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/152568/Atlassian-Confluence-Widget-Connector-Macro-Velocity-Template-Injection.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.rapid7.com/db/modules/exploit/multi/http/confluence_widget_connector"
},
{
"name": "46731",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/46731/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/161065/Atlassian-Confluence-6.12.1-Template-Injection.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2019-3396",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-07T12:25:45.543931Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2021-11-03",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-3396"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:45:41.385Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-3396"
}
],
"timeline": [
{
"lang": "en",
"time": "2021-11-03T00:00:00+00:00",
"value": "CVE-2019-3396 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Confluence Server",
"vendor": "Atlassian",
"versions": [
{
"lessThan": "6.6.12",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "6.7.0",
"versionType": "custom"
},
{
"lessThan": "6.12.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "next of 6.13.0",
"versionType": "custom"
},
{
"lessThan": "6.13.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "next of 6.14.0",
"versionType": "custom"
},
{
"lessThan": "6.14.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-03-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Widget Connector macro in Atlassian Confluence Server before version 6.6.12 (the fixed version for 6.6.x), from version 6.7.0 before 6.12.3 (the fixed version for 6.12.x), from version 6.13.0 before 6.13.3 (the fixed version for 6.13.x), and from version 6.14.0 before 6.14.2 (the fixed version for 6.14.x), allows remote attackers to achieve path traversal and remote code execution on a Confluence Server or Data Center instance via server-side template injection."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Server-Side Template Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-22T16:06:08.000Z",
"orgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
"shortName": "atlassian"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jira.atlassian.com/browse/CONFSERVER-57974"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/152568/Atlassian-Confluence-Widget-Connector-Macro-Velocity-Template-Injection.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.rapid7.com/db/modules/exploit/multi/http/confluence_widget_connector"
},
{
"name": "46731",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/46731/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/161065/Atlassian-Confluence-6.12.1-Template-Injection.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@atlassian.com",
"DATE_PUBLIC": "2019-03-20T10:00:00",
"ID": "CVE-2019-3396",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Confluence Server",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "6.6.12"
},
{
"version_affected": "\u003e=",
"version_value": "6.7.0"
},
{
"version_affected": "\u003c",
"version_value": "6.12.3"
},
{
"version_affected": "\u003e",
"version_value": "6.13.0"
},
{
"version_affected": "\u003c",
"version_value": "6.13.3"
},
{
"version_affected": "\u003e",
"version_value": "6.14.0"
},
{
"version_affected": "\u003c",
"version_value": "6.14.2"
}
]
}
}
]
},
"vendor_name": "Atlassian"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Widget Connector macro in Atlassian Confluence Server before version 6.6.12 (the fixed version for 6.6.x), from version 6.7.0 before 6.12.3 (the fixed version for 6.12.x), from version 6.13.0 before 6.13.3 (the fixed version for 6.13.x), and from version 6.14.0 before 6.14.2 (the fixed version for 6.14.x), allows remote attackers to achieve path traversal and remote code execution on a Confluence Server or Data Center instance via server-side template injection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Server-Side Template Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jira.atlassian.com/browse/CONFSERVER-57974",
"refsource": "MISC",
"url": "https://jira.atlassian.com/browse/CONFSERVER-57974"
},
{
"name": "http://packetstormsecurity.com/files/152568/Atlassian-Confluence-Widget-Connector-Macro-Velocity-Template-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/152568/Atlassian-Confluence-Widget-Connector-Macro-Velocity-Template-Injection.html"
},
{
"name": "http://www.rapid7.com/db/modules/exploit/multi/http/confluence_widget_connector",
"refsource": "MISC",
"url": "http://www.rapid7.com/db/modules/exploit/multi/http/confluence_widget_connector"
},
{
"name": "46731",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/46731/"
},
{
"name": "http://packetstormsecurity.com/files/161065/Atlassian-Confluence-6.12.1-Template-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/161065/Atlassian-Confluence-6.12.1-Template-Injection.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
"assignerShortName": "atlassian",
"cveId": "CVE-2019-3396",
"datePublished": "2019-03-25T18:37:06.256Z",
"dateReserved": "2018-12-19T00:00:00.000Z",
"dateUpdated": "2025-10-21T23:45:41.385Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}