Limited Black Friday Offer:

Confluence Pre-Authorization Arbitrary File Read - CVE-2021-26085 Scanner

There is an arbitrary file read vulnerability in Confluence, which allow remote attackers to read arbitrary files.

Short Info

Level

Medium

Type

Single Scan

Can be used by

Asset Owner

Estimated Time

10 sec

Scan only one

Url

Parent Category

Confluence Pre-Authorization Arbitrary File Read - CVE-2021-26085 Scanner Detail

Affected versions of Atlassian Confluence Server allow remote attackers to view restricted resources via a Pre-Authorization Arbitrary File Read vulnerability in the /s/ endpoint. The affected versions are before version 7.4.10, and from version 7.5.0 before 7.12.3.

http://packetstormsecurity.com/files/164401/Atlassian-Confluence-Server-7.5.1-Arbitrary-File-Read.html
https://jira.atlassian.com/browse/CONFSERVER-67893