High-Severity Atlassian Confluence Vulnerability Allows Attackers to Execute Code
June 4, 2024
Severity
High
Analysis Summary
CVE-2024-21683
Atlassian Confluence Data Center and Server could allow a remote authenticated attacker to execute arbitrary code on the system. Successful exploitation has a high impact on confidentiality, integrity, and availability, and requires no user interaction.
Impact
- Gain Access
- Code Execution
Indicators of Compromise
CVE
- CVE-2024-21683
Affected Vendors
Affected Products
- Atlassian Confluence Server 8.0.0
- Atlassian Confluence Data Center 8.0.0
- Atlassian Confluence Data Center 8.1.0
- Atlassian Confluence Data Center 8.2.0
- Atlassian Confluence Server 8.4.0
- Atlassian Confluence Server 8.3.0
- Atlassian Confluence Server 8.2.0
- Atlassian Confluence Server 8.1.0
- Atlassian Confluence Server 8.5.0
- Atlassian Confluence Data Center 8.5.0
- Atlassian Confluence Data Center 8.4.0
- Atlassian Confluence Data Center 8.3.0
Remediation
Refer to the Atlassian Security Advisory for patch, upgrade, or suggested workaround information.