CyberSec.Space Logo
Back to CVE Browser

CVE-2021-26084

Known Exploited (CISA KEV)CRITICAL
9.8
CVSS Severity Score
EPSS Score67.8740%
EPSS Percentile97.41th
PublishedAug 30, 2021
Last ModifiedOct 24, 2025

Vulnerability Description

In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are before version 6.13.23, from version 6.14.0 before 7.4.11, from version 7.5.0 before 7.11.6, and from version 7.12.0 before 7.12.5.

Affected Platforms (CPE)

πŸ“¦
Atlassian

Confluence Data Center

< 6.13.23
πŸ“¦
Atlassian

Confluence Data Center

>= 6.14.0 and < 7.4.11
πŸ“¦
Atlassian

Confluence Data Center

>= 7.5.0 and < 7.11.6
πŸ“¦
Atlassian

Confluence Data Center

>= 7.12.0 and < 7.12.5
πŸ“¦
Atlassian

Confluence Server

< 6.13.23
πŸ“¦
Atlassian

Confluence Server

>= 6.14.0 and < 7.4.11
πŸ“¦
Atlassian

Confluence Server

>= 7.5.0 and < 7.11.6
πŸ“¦
Atlassian

Confluence Server

>= 7.12.0 and < 7.12.5

References & Advisories

πŸ”— http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html
πŸ”— https://jira.atlassian.com/browse/CONFSERVER-67940
πŸ”— http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html
πŸ”— https://jira.atlassian.com/browse/CONFSERVER-67940
πŸ”— https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-26084

Related Vulnerabilities

CVE-2019-33959.8

The WebDAV endpoint in Atlassian Confluence Server and Data Center before version 6.6.7 (the fixed version for 6.6.x), from versio...

CVE-2019-33969.8

The Widget Connector macro in Atlassian Confluence Server before version 6.6.12 (the fixed version for 6.6.x), from version 6.7.0 ...

CVE-2019-33988.8

Confluence Server and Data Center had a path traversal vulnerability in the downloadallattachments resource. A remote attacker who...

CVE-2019-33948.8

There was a local file disclosure vulnerability in Confluence Server and Confluence Data Center via page exporting. An attacker wi...