CVE-2021-26085
CVE-2021-26085
In short
Atlassian Confluence Server has a vulnerability that allows attackers to read files they shouldn't have access to by exploiting the /s/ endpoint. This means sensitive information could be exposed without proper authentication.
Technical detail
A pre-authorization arbitrary file read vulnerability exists in the /s/ endpoint of Confluence Server versions before 7.4.10 and 7.5.0–7.12.2, allowing unauthenticated remote attackers to bypass access controls and retrieve restricted files. The vulnerability stems from insufficient authorization checks on file retrieval operations, potentially exposing sensitive configuration or user data.
Summary generated and translated by AI from the official description.
Affected versions of Atlassian Confluence Server allow remote attackers to view restricted resources via a Pre-Authorization Arbitrary File Read vulnerability in the /s/ endpoint. The affected versions are before version 7.4.10, and from version 7.5.0 before 7.12.3.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
public PoCs found — 3
githubgithub.com/ColdFusionX/CVE-2021-26085★ 13cve_referencepacketstormsecurity.com/files/164401/Atlassian-Confluence-Server-7.5.1-Arbitrary-File-Read.htmlunverifiedexploitdbwww.exploit-db.com/exploits/50377unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →