I. Basic information on vulnerability CVE-2021-26084
Vulnerability information

## Vulnerability overview
Certain affected versions of Confluence Server and Data Center contain an OGNL injection vulnerability that allows an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance.

## Affected versions
- Versions before 6.13.23
- 6.14.0 up to, but not including, 7.4.11
- 7.5.0 up to, but not including, 7.11.6
- 7.12.0 up to, but not including, 7.12.5

## Vulnerability details
The vulnerability is caused by OGNL (Object-Graph Navigation Language) injection. An attacker can use it to execute arbitrary code and thereby take control of the affected Confluence Server or Data Center instance.

## Impact
An unauthenticated attacker can exploit this vulnerability to execute arbitrary code, potentially leading to a takeover of the system and, in turn, to data leakage, service disruption and other security risks.
Vulnerability title: N/A
Source: US National Vulnerability Database (NVD)
Vulnerability description:
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are before version 6.13.23, from version 6.14.0 before 7.4.11, from version 7.5.0 before 7.11.6, and from version 7.12.0 before 7.12.5.
Source: US National Vulnerability Database (NVD)
CVSS information: N/A
Source: US National Vulnerability Database (NVD)
Vulnerability category: N/A
Source: US National Vulnerability Database (NVD)
Vulnerability title: Atlassian Confluence Server injection vulnerability
Source: China National Vulnerability Database of Information Security (CNNVD)
Vulnerability description:
Atlassian Confluence Server is the server edition of a collaboration suite from the Australian company Atlassian that provides enterprise knowledge management and supports building enterprise wikis. Atlassian Confluence Server and Data Center contain an injection vulnerability through which an authenticated user can execute arbitrary code on a Confluence Server or Data Center instance. The following products and versions are affected: All 4.x.x versions, All 5.x.x versions, All 6.0.x versions, All 6.1.x ver
Source: China National Vulnerability Database of Information Security (CNNVD)
CVSS information: N/A
Source: China National Vulnerability Database of Information Security (CNNVD)
Vulnerability category: Injection
Source: China National Vulnerability Database of Information Security (CNNVD)
II. Public PoCs for CVE-2021-26084

| # | PoC description | Source link |
|---|---|---|
| 1 | CVE-2021-26084 - Confluence Pre-Auth RCE \| OGNL injection | https://github.com/crowsec-edtech/CVE-2021-26084 |
| 2 | None | https://github.com/alt3kx/CVE-2021-26084_PoC |
| 3 | None | https://github.com/dinhbaouit/CVE-2021-26084 |
| 4 | CVE-2021-26084 Remote Code Execution on Confluence Servers, reference: https://github.com/httpvoid/writeups/blob/main/Confluence-RCE.md | https://github.com/JKme/CVE-2021-26084 |
| 5 | Confluence Server Webwork OGNL injection | https://github.com/h3v0x/CVE-2021-26084_Confluence |
| 6 | Atlassian Confluence Pre-Auth RCE | https://github.com/Udyz/CVE-2021-26084 |
| 7 | CVE-2021-26084 - Confluence Pre-Auth RCE OGNL injection, with command output echo | https://github.com/prettyrecon/CVE-2021-26084_Confluence |
| 8 | CVE-2021-26084 Remote Code Execution on Confluence Servers | https://github.com/0xf4n9x/CVE-2021-26084 |
| 9 | Remote Code Execution on Confluence Servers : CVE-2021-26084 | https://github.com/Vulnmachines/Confluence_CVE-2021-26084 |
| 10 | CVE-2021-26084 Remote Code Execution on Confluence Servers | https://github.com/Osyanina/westone-CVE-2021-26084-scanner |
| 11 | Batch detection | https://github.com/b1gw00d/CVE-2021-26084 |
| 12 | CVE-2021-26084 - Confluence Server Webwork OGNL injection (Pre-Auth RCE) | https://github.com/taythebot/CVE-2021-26084 |
| 13 | PoC of CVE-2021-26084 written in Golang based on https://twitter.com/jas502n/status/1433044110277890057?s=20 | https://github.com/bcdannyboy/CVE-2021-26084_GoPOC |
| 14 | Just run command without brain | https://github.com/smallpiggy/cve-2021-26084-confluence |
| 15 | This is exploit | https://github.com/maskerTUI/CVE-2021-26084 |
| 16 | This nuclei template is to verify the vulnerability without executing any commands to the target machine | https://github.com/BeRserKerSec/CVE-2021-26084-Nuclei-template |
| 17 | CVE-2021-26084 | https://github.com/p0nymc1/CVE-2021-26084 |
| 18 | CVE-2021-26084 Confluence OGNL injection | https://github.com/Loneyers/CVE-2021-26084 |
| 19 | cve-2021-26084 EXP | https://github.com/Xc1Ym/cve_2021_26084 |
| 20 | Setting up POC for CVE-2021-26084 | https://github.com/wolf1892/confluence-rce-poc |
| 21 | Confluence server webwork OGNL injection | https://github.com/smadi0x86/CVE-2021-26084 |
| 22 | asjhdsajdlksavksapfoka | https://github.com/kkin77/CVE-2021-26084-Confluence-OGNL |
| 23 | Atlassian Confluence CVE-2021-26084 one-liner mass checker | https://github.com/1ZRR4H/CVE-2021-26084 |
| 24 | A quick and dirty PoC of cve-2021-26084 as none of the existing ones worked for me. | https://github.com/GlennPegden2/cve-2021-26084-confluence |
| 25 | Patched Confluence 7.12.2 (CVE-2021-26084) | https://github.com/toowoxx/docker-confluence-patched |
| 26 | CVE-2021-26084 patch as provided in "Confluence Security Advisory - 2021-08-25" | https://github.com/nizar0x1f/CVE-2021-26084-patch- |
| 27 | Confluence OGNL injection | https://github.com/dorkerdevil/CVE-2021-26084 |
| 28 | [CVE-2021-26084] Confluence pre-auth RCE test script | https://github.com/ludy-dev/CVE-2021-26084_PoC |
| 29 | None | https://github.com/wdjcy/CVE-2021-26084 |
| 30 | CVE-2021-26084 - Confluence Server Webwork OGNL injection | https://github.com/orangmuda/CVE-2021-26084 |
| 31 | Exploit CVE 2021 26084 Confluence | https://github.com/TheclaMcentire/CVE-2021-26084_Confluence |
| 32 | Confluence remote code execution (RCE) / Code By: Jun_sheng | https://github.com/Jun-5heng/CVE-2021-26084 |
| 33 | CVE-2021-26084, Atlassian Confluence OGNL injection vulnerability | https://github.com/lleavesl/CVE-2021-26084 |
| 34 | Python 3 script to identify CVE-2021-26084 via network requests. | https://github.com/quesodipesto/conflucheck |
| 35 | OGNL Injection in Confluence server version < 7.12.5 | https://github.com/30579096/Confluence-CVE-2021-26084 |
| 36 | POC of CVE-2021-26084, which is Atlassian Confluence Server OGNL (Object-Graph Navigation Language) Pre-Auth RCE Injection Vulnerability. | https://github.com/antx-code/CVE-2021-26084 |
| 37 | None | https://github.com/vpxuser/CVE-2021-26084-EXP |
| 38 | Confluence Server Webwork OGNL injection | https://github.com/hev0x/CVE-2021-26084_Confluence |
| 39 | Python3 RCE PoC for CVE-2021-26084 | https://github.com/Marshall-Hallenbeck/CVE-2021-26084_Confluence_RCE |
| 40 | None | https://github.com/nahcusira/CVE-2021-26084 |
| 41 | Atlassian Confluence Pre-Auth RCE | https://github.com/CrackerCat/CVE-2021-26084 |
| 42 | POC of CVE-2021-26084, which is Atlassian Confluence Server OGNL (Object-Graph Navigation Language) Pre-Auth RCE Injection Vulnerability. | https://github.com/ZZ-SOCMAP/CVE-2021-26084 |
| 43 | Confluence OGNL injection | https://github.com/attacker-codeninja/CVE-2021-26084 |
| 44 | Confluence Server and Data Center contain an OGNL injection vulnerability that could allow an authenticated user, and in some instances an unauthenticated user, to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are before version 6.13.23, from version 6.14.0 before 7.4.11, from version 7.5.0 before 7.11.6, and from version 7.12.0 before 7.12.5. The vulnerable endpoints can be accessed by a non-administrator user or unauthenticated user if 'Allow people to sign up to create their account' is enabled. To check whether this is enabled go to COG > User Management > User Signup Options. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2021/CVE-2021-26084.yaml |
| 45 | None | https://github.com/Threekiii/Awesome-POC/blob/master/Web%E5%BA%94%E7%94%A8%E6%BC%8F%E6%B4%9E/Atlassian%20Confluence%20doenterpagevariables.action%20%E8%BF%9C%E7%A8%8B%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E%20CVE-2021-26084.md |
| 46 | None | https://github.com/Threekiii/Awesome-POC/blob/master/Web%E5%BA%94%E7%94%A8%E6%BC%8F%E6%B4%9E/Atlassian%20Confluence%20OGNL%E8%A1%A8%E8%BE%BE%E5%BC%8F%E6%B3%A8%E5%85%A5%E4%BB%A3%E7%A0%81%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E%20CVE-2021-26084.md |
| 47 | None | https://github.com/vulhub/vulhub/blob/master/confluence/CVE-2021-26084/README.md |

III. Threat intelligence on CVE-2021-26084