Atlassian

Confluence Data Center

36 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2024-21672

  • EPSS 4.27%
  • Veröffentlicht 16.01.2024 05:15:08
  • Zuletzt bearbeitet 02.06.2025 16:15:26

This High severity Remote Code Execution (RCE) vulnerability was introduced in version 2.1.0 of Confluence Data Center and Server. Remote Code Execution (RCE) vulnerability, with a CVSS Score of 8.3 and a CVSS Vector of CVSS:3.0/AV:N/AC:H/PR:N/UI:R/...

8.8

CVE-2024-21673

  • EPSS 4.91%
  • Veröffentlicht 16.01.2024 05:15:08
  • Zuletzt bearbeitet 03.06.2025 19:15:36

This High severity Remote Code Execution (RCE) vulnerability was introduced in versions 7.13.0 of Confluence Data Center and Server. Remote Code Execution (RCE) vulnerability, with a CVSS Score of 8.0 and a CVSS Vector of CVSS:3.0/AV:N/AC:H/PR:H/UI:...

8.8

CVE-2023-22526

  • EPSS 0.58%
  • Veröffentlicht 16.01.2024 05:15:07
  • Zuletzt bearbeitet 21.11.2024 07:44:58

This High severity RCE (Remote Code Execution) vulnerability was introduced in version 7.19.0 of Confluence Data Center. This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 7.2, allows an authenticated attacker to execute arbitrar...

8.8

CVE-2023-22522

Warnung
  • EPSS 42.29%
  • Veröffentlicht 06.12.2023 05:15:09
  • Zuletzt bearbeitet 21.11.2024 07:44:58

This Template Injection vulnerability allows an authenticated attacker, including one with anonymous access, to inject unsafe user input into a Confluence page. Using this approach, an attacker is able to achieve Remote Code Execution (RCE) on an aff...

9.8

CVE-2023-22518

Warnung Exploit
  • EPSS 94.38%
  • Veröffentlicht 31.10.2023 15:15:08
  • Zuletzt bearbeitet 24.10.2025 13:38:59

All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. This Improper Authorization vulnerability allows an unauthenticated attacker to reset Confluence and create a Confluence instance administrator account....

9.8

CVE-2023-22515

Warnung Exploit
  • EPSS 94.35%
  • Veröffentlicht 04.10.2023 14:15:10
  • Zuletzt bearbeitet 24.10.2025 13:39:01

Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Conf...

8.8

CVE-2023-22508

  • EPSS 5.45%
  • Veröffentlicht 18.07.2023 23:15:09
  • Zuletzt bearbeitet 21.11.2024 07:44:57

This High severity RCE (Remote Code Execution) vulnerability known as CVE-2023-22508 was introduced in version 6.1.0 of Confluence Data Center & Server. This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 8.5, allows an authenticated...

8.8

CVE-2023-22505

  • EPSS 2.89%
  • Veröffentlicht 18.07.2023 21:15:15
  • Zuletzt bearbeitet 21.11.2024 07:44:57

This High severity RCE (Remote Code Execution) vulnerability known as CVE-2023-22505 was introduced in version 8.0.0 of Confluence Data Center & Server. This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 8, allows an authenticated ...

5.3

CVE-2023-22503

  • EPSS 0.29%
  • Veröffentlicht 01.05.2023 17:15:08
  • Zuletzt bearbeitet 21.11.2024 07:44:56

Affected versions of Atlassian Confluence Server and Data Center allow anonymous remote attackers to view the names of attachments and labels in a private Confluence space. This occurs via an Information Disclosure vulnerability in the macro preview ...

7.5

CVE-2022-42978

Exploit
  • EPSS 1.1%
  • Veröffentlicht 15.11.2022 01:15:13
  • Zuletzt bearbeitet 30.04.2025 18:15:35

In the Netic User Export add-on before 1.3.5 for Atlassian Confluence, authorization is mishandled. An unauthenticated attacker could access files on the remote system.