In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are before version 6.13.23, from version 6.14.0 before 7.4.11, from version 7.5.0 before 7.11.6, and from version 7.12.0 before 7.12.5.
Published 2021-08-30 07:15:07
Updated 2022-06-10 14:26:16
Source Atlassian
View at NVD,   CVE.org
Vulnerability category: Execute code

CVE-2021-26084 is in the CISA Known Exploited Vulnerabilities Catalog

This issue is known to have been leveraged as part of a ransomware campaign.
CISA vulnerability name:
Atlassian Confluence Server and Data Center Object-Graph Navigation Language (OGNL) Injection Vulner
CISA required action:
Apply updates per vendor instructions.
CISA description:
Atlassian Confluence Server and Data Server contain an Object-Graph Navigation Language (OGNL) injection vulnerability that may allow an unauthenticated attacker to execute code.
Added on 2021-11-03 Action due date 2021-11-17

Exploit prediction scoring system (EPSS) score for CVE-2021-26084

97.41%
Probability of exploitation activity in the next 30 days EPSS Score History
~ 100 %
Percentile, the proportion of vulnerabilities that are scored at or less

Metasploit modules for CVE-2021-26084

  • Atlassian Confluence WebWork OGNL Injection
    Disclosure Date: 2021-08-25
    First seen: 2022-12-23
    exploit/multi/http/atlassian_confluence_webwork_ognl_injection
    This module exploits an OGNL injection in Atlassian Confluence's WebWork component to execute commands as the Tomcat user. Authors: - Benny Jacob - Jang - wvu <wvu@metasploit.com>

CVSS scores for CVE-2021-26084

Base Score Base Severity CVSS Vector Exploitability Score Impact Score Score Source First Seen
7.5
HIGH AV:N/AC:L/Au:N/C:P/I:P/A:P
10.0
6.4
NIST
9.8
CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.9
5.9
NIST

CWE ids for CVE-2021-26084

References for CVE-2021-26084

Products affected by CVE-2021-26084

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!