How severe is CVE-2021-26085?

CVE-2021-26085 has a CVSS v3 score of 5.3 (MEDIUM).

CVE-2021-26085

Name: confluence_server
Author: atlassian

5.3MEDIUM

Affected versions of Atlassian Confluence Server allow remote attackers to view restricted resources via a Pre-Authorization Arbitrary File Read vulnerability in the /s/ endpoint. The affected version

Опубликовано: 8/3/2021Обновлено: 10/24/2025

Известная эксплуатируемая уязвимость CISA

Affected versions of Atlassian Confluence Server allow remote attackers to view restricted resources via a pre-authorization arbitrary file read vulnerability in the /s/ endpoint.

Требуемое действие:

Apply updates per vendor instructions.

Срок:

2022-04-18

Известное использование вымогателей

Описание

Affected versions of Atlassian Confluence Server allow remote attackers to view restricted resources via a Pre-Authorization Arbitrary File Read vulnerability in the /s/ endpoint. The affected versions are before version 7.4.10, and from version 7.5.0 before 7.12.3.

ИИ-АнализНа базе ИИ

Затронутые продукты

atlassianconfluence_data_center

atlassianconfluence_server

Известная эксплуатируемая уязвимость CISA

Описание

ИИ-АнализНа базе ИИ

Затронутые продукты

Доступные эксплойты (1)

Atlassian Confluence 7.12.2 - Pre-Authorization Arbitrary File Read

Ссылки