CVE-2024-21683

High PUBLISHED

This High severity RCE (Remote Code Execution) vulnerability was introduced in version 5.2 of Confluence Data Center and Server. This RCE (Remote...

Atlassian · Confluence Data Center

Not yet in CISA KEV

Exploited in the wild PoC available

Recommended Action

Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.

Confidence
High
Exploitation Status
Exploited in the wild
Observed in Sensors
No
Attempts (30d)
Unique Attacker IPs
CISA KEV
Not yet in CISA KEV
CVSS / EPSS
7.2 High

At a Glance

This High severity RCE (Remote Code Execution) vulnerability was introduced in version 5.2 of Confluence Data Center and Server. This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 7.2, allows an authenticated attacker to execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires no user interaction.  Atlassian recommends that Confluence Data Center and Server customers upgrade to latest version. If you are unable to do so, upgrade your instance to one of the specified supported fixed versions. See the release notes https://confluence.atlassian.com/doc/confluence-release-notes-327.html You can download the latest version of Confluence Data Center and Server from the download center https://www.atlassian.com/software/confluence/download-archives. This vulnerability was found internally.

nuclei_scanner
CVE Published
May 21, 2024
Exploitation Reported
May 21, 2024
CVSS
7.2 High
EPSS
Remote Low complexity No user interaction

Affected Versions

Vendor Product Version Status
Atlassian
Confluence Data Center

8.9.0

Affected
Atlassian
Confluence Data Center

8.8.0 to 8.8.1

Affected
Atlassian
Confluence Data Center

8.7.1 to 8.7.2

Affected
Atlassian
Confluence Data Center

8.6.0 to 8.6.2

Affected
Atlassian
Confluence Data Center

8.5.0 to 8.5.8

Affected
Atlassian
Confluence Data Center

8.4.0 to 8.4.5

Affected
Atlassian
Confluence Data Center

8.3.0 to 8.3.4

Affected
Atlassian
Confluence Data Center

8.2.0 to 8.2.3

Affected
Atlassian
Confluence Data Center

8.1.0 to 8.1.4

Affected
Atlassian
Confluence Data Center

8.0.0 to 8.0.4

Affected
Atlassian
Confluence Data Center

7.20.0 to 7.20.3

Affected
Atlassian
Confluence Data Center

7.19.0 to 7.19.21

Affected
Atlassian
Confluence Data Center

8.9.1 to 8.9.2

Unaffected
Atlassian
Confluence Data Center

8.5.9 to 8.5.10

Unaffected
Atlassian
Confluence Data Center

7.19.22 to 7.19.23

Unaffected

CVE References

Recommended Actions

  • Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.
  • Check enrichment artifacts for scanner coverage and available PoCs before rolling remediation validation.
  • Use the Pro API to automate enrichment, telemetry, and workflow delivery for VM, SOC, and CTI pipelines.