RCE – Confluence (CVE-2024-21683) with public exploits on GitHub. Authentication is required. Both Confluence Data Center and Confluence Server are vulnerable.
🔻 Version 8.5.9 LTS, which fixes the vulnerability, was released on May 9.
🔻 On May 23, after the vulnerability description in NVD and the Atlassian ticket became public, researcher Huong Kieu analyzed the patch, described the vulnerability and reported that he had built a working PoC. Exploits for this vulnerability appeared on GitHub the same day.
Atlassian most likely held back the details of this fix so that more organizations could update before active exploitation began. They didn't quite succeed, though: the ticket was apparently published by accident on May 15 and then hidden again until May 23. But the vulnerability search engine Vulners had already indexed it. 😉 So information about the vulnerability was available all that time.
Hi! My name is Alexander and I am a Vulnerability Management specialist. You can read more about me here. Currently, the best way to follow me is my Telegram channel @avleonovcom. I update it more often than this site. If you haven’t used Telegram yet, give it a try. It’s great. You can discuss my posts or ask questions at @avleonovchat.
And I invite all Russian speakers to one more Telegram channel, @avleonovrus, which is now where I post first.