How severe is CVE-2021-26085?

CVE-2021-26085 has a CVSS v3 score of 5.3 (MEDIUM).

CVE-2021-26085

Name: confluence_server
Author: atlassian

5.3MEDIUM

Affected versions of Atlassian Confluence Server allow remote attackers to view restricted resources via a Pre-Authorization Arbitrary File Read vulnerability in the /s/ endpoint. The affected version

Publicado: 8/3/2021Atualizado: 10/24/2025

Vulnerabilidade Explorada Conhecida (CISA)

Affected versions of Atlassian Confluence Server allow remote attackers to view restricted resources via a pre-authorization arbitrary file read vulnerability in the /s/ endpoint.

Ação Necessária:

Apply updates per vendor instructions.

Prazo:

2022-04-18

Uso Conhecido de Ransomware

Descrição

Affected versions of Atlassian Confluence Server allow remote attackers to view restricted resources via a Pre-Authorization Arbitrary File Read vulnerability in the /s/ endpoint. The affected versions are before version 7.4.10, and from version 7.5.0 before 7.12.3.

Análise IADesenvolvido por IA

Produtos Afetados

atlassianconfluence_data_center

atlassianconfluence_server

Vulnerabilidade Explorada Conhecida (CISA)

Descrição

Análise IADesenvolvido por IA

Produtos Afetados

Exploits Disponíveis (1)

Atlassian Confluence 7.12.2 - Pre-Authorization Arbitrary File Read

Referências