Atlassian’s Confluence hit with critical remote code execution bugs | allinfosecnews.com

June 4, 2024, 12:01 p.m. |

CSO Online www.csoonline.com

Atlassian Confluence Data Center and Server has been hit with a critical remote code execution bug, allowing authenticated threat actors to exploit account privileges and execute arbitrary codes.

The vulnerability, tracked as CVE-2024-21683, is assigned a CVSS score of 8.3/10, and requires no user interaction with a high impact on confidentiality, integrity, and availability of the configuration service.

“This High severity RCE (Remote Code Execution) vulnerability was introduced in version 5.2 of Confluence Data Center and Server,” Atlassian …

account atlassian atlassian confluence atlassian confluence data center bug bugs center code code execution confidentiality confluence confluence data center critical cve cve-2024 cve-2024-21683 cvss cvss score data data center exploit high impact privileges remote code remote code execution score server threat threat actors vulnerabilities vulnerability

More from www.csoonline.com / CSO Online

New Intel CPU side-channel attack Indirector can leak sensitive data 2 hours ago | www.csoonline.com

advanced persistent threats attack attacks boundaries +30

Over 35,000 Ether subscribers targeted in a campaign from crypto draining 8 hours ago | www.csoonline.com

actor address blog blog post +18

Logic bombs explained: Definition, examples, prevention 15 hours ago | www.csoonline.com

actions application bomb bombs +21

Europol disrupts about 600 abusive Cobalt Strike servers 1 day, 9 hours ago | www.csoonline.com

abuse addresses cobalt cobalt strike +19

Tabletop exercise scenarios: 10 tips, 6 examples 1 day, 11 hours ago | www.csoonline.com

business business continuity business operations continuity +24

Kaspersky software ban: CISOs must move quickly, experts say 1 day, 15 hours ago | www.csoonline.com

anti-malware ban bans cisos +17

Download the UEM vendor comparison chart, 2024 edition 2 days, 6 hours ago | www.csoonline.com

can chart download endpoint +15

Passkeys aren’t attack-proof, not until properly implemented 2 days, 9 hours ago | www.csoonline.com

access adversary adversary-in-the-middle aitm +23

How CISOs can protect their personal liability 2 days, 15 hours ago | www.csoonline.com

can cases ciso cisos +23

System Administrator, Senior

@ Booz Allen Hamilton | USA, NV, Nellis AFB (4370 Washington Blvd)

View on infosec-jobs.com

Staff Systems Engineer

@ Commonwealth Bank | Bengaluru - Manyata Tech Park Road

View on infosec-jobs.com

(IND) Software Engineer III

@ Walmart | IN KA BANGALORE Home Office Building 10

View on infosec-jobs.com

Software Engineer III

@ Walmart | IN KA BANGALORE Home Office Building 11

View on infosec-jobs.com

Systems Engineer - Global Accounts

@ Palo Alto Networks | London, United Kingdom

View on infosec-jobs.com

Principal Support Engineering Specialist - SASE

@ Palo Alto Networks | Bengaluru, India

View on infosec-jobs.com