CVE-2021-26085
Atlassian Confluence Server Pre-Authorization Arbitrary File Read Vulnerability
CVSS
—
Sin CVSS
EPSS
99.9%
p100
KEV
SÍ
28 mar 2022
Exploit Today
80
0-100
Publicado: — · Última mod.: —
99.9%EPSS · 30 días99.9%
2026-06-302026-07-16
Producto
Atlassian / Confluence Server
Vulnerabilidad
Atlassian Confluence Server Pre-Authorization Arbitrary File Read Vulnerability
Añadido a KEV
28 mar 2022
Remediar antes de
18 abr 2022
Uso conocido en ransomware
Sí
Descripción resumida
Affected versions of Atlassian Confluence Server allow remote attackers to view restricted resources via a pre-authorization arbitrary file read vulnerability in the /s/ endpoint.
Acción requerida
Apply updates per vendor instructions.
Notas
https://nvd.nist.gov/vuln/detail/CVE-2021-26085
Sin CVEs relacionados por CWE o producto.