CVE-2021-26085
MEDIUM · KEV · RANSOMWARE · NUCLEI
Atlassian Confluence Server <7.4.10, >7.5.0-7.12.2 - Info Disclosure
Title source: llm
Description
Affected versions of Atlassian Confluence Server allow remote attackers to view restricted resources via a Pre-Authorization Arbitrary File Read vulnerability in the /s/ endpoint. The affected versions are before version 7.4.10, and from version 7.5.0 before 7.12.3.
Exploits (2)
exploitdb
WORKING POC
by Mayank Deshmukh · text · webapps · java
https://www.exploit-db.com/exploits/50377
nomisec
WORKING POC
14 stars
by ColdFusionX · infoleak
https://github.com/ColdFusionX/CVE-2021-26085
Nuclei Templates (1)
Atlassian Confluence Server - Local File Inclusion
MEDIUM · by princechaddha
Shodan:
http.component:"Atlassian Confluence" || http.component:"atlassian confluence"
FOFA:
app="atlassian-confluence"
References (3)
Scores
CVSS v3
5.3
EPSS
0.9398
EPSS Percentile
99.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Details
CISA KEV
2022-03-28
VulnCheck KEV
2022-03-28
InTheWild.io
2021-12-03
ENISA EUVD
EUVD-2021-12906
Ransomware Use
Confirmed
CWE
CWE-425
Status
published
Products (2)
atlassian/confluence_data_center
< 7.4.10
atlassian/confluence_server
< 7.4.10
Published
Aug 03, 2021
KEV Added
Mar 28, 2022
Tracked Since
Feb 18, 2026