CVE-2021-43940 - Vulnerability Details - OpenCVE

Affected versions of Atlassian Confluence Server and Data Center allow authenticated local attackers to achieve elevated privileges on the local system via a DLL Hijacking vulnerability in the Confluence installer. This vulnerability only affects installations of Confluence Server and Data Center on Windows. The affected versions are before version 7.4.10, and from version 7.5.0 before 7.12.3.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Atlassian	Confluence Data Center Confluence Server
Microsoft	Windows

Configuration 1 [-]

AND

OR	cpe:2.3:a:atlassian:confluence_data_center::::::::
	cpe:2.3:a:atlassian:confluence_data_center::::::::
	cpe:2.3:a:atlassian:confluence_server::::::::
	cpe:2.3:a:atlassian:confluence_server::::::::

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://jira.atlassian.com/browse/CONFSERVER-66550

History

Tue, 08 Oct 2024 17:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: atlassian

Published: 2022-02-15T03:15:09.899432Z

Updated: 2024-10-08T16:38:51.537Z

Reserved: 2021-11-16T00:00:00

Link: CVE-2021-43940

Vulnrichment

Updated: 2024-08-04T04:10:17.171Z

NVD

Status : Modified

Published: 2022-02-15T04:15:07.177

Modified: 2024-11-21T06:30:02.713

Link: CVE-2021-43940

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Confluence Server", "vendor": "Atlassian", "versions": [{"lessThan": "7.4.10", "status": "affected", "version": "unspecified", "versionType": "custom"}, {"lessThan": "unspecified", "status": "affected", "version": "7.5.0", "versionType": "custom"}, {"lessThan": "7.12.3", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "Confluence Data Center", "vendor": "Atlassian", "versions": [{"lessThan": "7.4.10", "status": "affected", "version": "unspecified", "versionType": "custom"}, {"lessThan": "unspecified", "status": "affected", "version": "7.5.0", "versionType": "custom"}, {"lessThan": "7.12.3", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "datePublic": "2021-11-26T00:00:00", "descriptions": [{"lang": "en", "value": "Affected versions of Atlassian Confluence Server and Data Center allow authenticated local attackers to achieve elevated privileges on the local system via a DLL Hijacking vulnerability in the Confluence installer. This vulnerability only affects installations of Confluence Server and Data Center on Windows. The affected versions are before version 7.4.10, and from version 7.5.0 before 7.12.3."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-427", "description": "Uncontrolled Search Path Element (CWE-427)", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-03-07T00:25:08", "orgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66", "shortName": "atlassian"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://jira.atlassian.com/browse/CONFSERVER-66550"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@atlassian.com", "DATE_PUBLIC": "2021-11-26T00:00:00", "ID": "CVE-2021-43940", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Confluence Server", "version": {"version_data": [{"version_affected": "<", "version_value": "7.4.10"}, {"version_affected": ">=", "version_value": "7.5.0"}, {"version_affected": "<", "version_value": "7.12.3"}]}}, {"product_name": "Confluence Data Center", "version": {"version_data": [{"version_affected": "<", "version_value": "7.4.10"}, {"version_affected": ">=", "version_value": "7.5.0"}, {"version_affected": "<", "version_value": "7.12.3"}]}}]}, "vendor_name": "Atlassian"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Affected versions of Atlassian Confluence Server and Data Center allow authenticated local attackers to achieve elevated privileges on the local system via a DLL Hijacking vulnerability in the Confluence installer. This vulnerability only affects installations of Confluence Server and Data Center on Windows. The affected versions are before version 7.4.10, and from version 7.5.0 before 7.12.3."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Uncontrolled Search Path Element (CWE-427)"}]}]}, "references": {"reference_data": [{"name": "https://jira.atlassian.com/browse/CONFSERVER-66550", "refsource": "MISC", "url": "https://jira.atlassian.com/browse/CONFSERVER-66550"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T04:10:17.171Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://jira.atlassian.com/browse/CONFSERVER-66550"}]}, {"affected": [{"vendor": "atlassian", "product": "confluence_data_center", "cpes": ["cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "7.4.10", "versionType": "custom"}, {"version": "7.5.0", "status": "affected", "lessThan": "7.12.3", "versionType": "custom"}]}, {"vendor": "atlassian", "product": "confluence_server", "cpes": ["cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "7.4.10", "versionType": "custom"}, {"version": "7.5.0", "status": "affected", "lessThan": "7.12.3", "versionType": "custom"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-10-08T16:35:44.027223Z", "id": "CVE-2021-43940", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-08T16:38:51.537Z"}}]}, "cveMetadata": {"assignerOrgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66", "assignerShortName": "atlassian", "cveId": "CVE-2021-43940", "datePublished": "2022-02-15T03:15:09.899432Z", "dateReserved": "2021-11-16T00:00:00", "dateUpdated": "2024-10-08T16:38:51.537Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://jira.atlassian.com/browse/CONFSERVER-66550", "tags": ["x_refsource_MISC", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T04:10:17.171Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2021-43940", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-10-08T16:35:44.027223Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*"], "vendor": "atlassian", "product": "confluence_data_center", "versions": [{"status": "affected", "version": "0", "lessThan": "7.4.10", "versionType": "custom"}, {"status": "affected", "version": "7.5.0", "lessThan": "7.12.3", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*"], "vendor": "atlassian", "product": "confluence_server", "versions": [{"status": "affected", "version": "0", "lessThan": "7.4.10", "versionType": "custom"}, {"status": "affected", "version": "7.5.0", "lessThan": "7.12.3", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-08T16:38:44.660Z"}}], "cna": {"affected": [{"vendor": "Atlassian", "product": "Confluence Server", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "7.4.10", "versionType": "custom"}, {"status": "affected", "version": "7.5.0", "lessThan": "unspecified", "versionType": "custom"}, {"status": "affected", "version": "unspecified", "lessThan": "7.12.3", "versionType": "custom"}]}, {"vendor": "Atlassian", "product": "Confluence Data Center", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "7.4.10", "versionType": "custom"}, {"status": "affected", "version": "7.5.0", "lessThan": "unspecified", "versionType": "custom"}, {"status": "affected", "version": "unspecified", "lessThan": "7.12.3", "versionType": "custom"}]}], "datePublic": "2021-11-26T00:00:00", "references": [{"url": "https://jira.atlassian.com/browse/CONFSERVER-66550", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Affected versions of Atlassian Confluence Server and Data Center allow authenticated local attackers to achieve elevated privileges on the local system via a DLL Hijacking vulnerability in the Confluence installer. This vulnerability only affects installations of Confluence Server and Data Center on Windows. The affected versions are before version 7.4.10, and from version 7.5.0 before 7.12.3."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-427", "description": "Uncontrolled Search Path Element (CWE-427)"}]}], "providerMetadata": {"orgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66", "shortName": "atlassian", "dateUpdated": "2022-03-07T00:25:08"}, "x_legacyV4Record": {"affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "7.4.10", "version_affected": "<"}, {"version_value": "7.5.0", "version_affected": ">="}, {"version_value": "7.12.3", "version_affected": "<"}]}, "product_name": "Confluence Server"}, {"version": {"version_data": [{"version_value": "7.4.10", "version_affected": "<"}, {"version_value": "7.5.0", "version_affected": ">="}, {"version_value": "7.12.3", "version_affected": "<"}]}, "product_name": "Confluence Data Center"}]}, "vendor_name": "Atlassian"}]}}, "data_type": "CVE", "references": {"reference_data": [{"url": "https://jira.atlassian.com/browse/CONFSERVER-66550", "name": "https://jira.atlassian.com/browse/CONFSERVER-66550", "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "Affected versions of Atlassian Confluence Server and Data Center allow authenticated local attackers to achieve elevated privileges on the local system via a DLL Hijacking vulnerability in the Confluence installer. This vulnerability only affects installations of Confluence Server and Data Center on Windows. The affected versions are before version 7.4.10, and from version 7.5.0 before 7.12.3."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Uncontrolled Search Path Element (CWE-427)"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2021-43940", "STATE": "PUBLIC", "ASSIGNER": "security@atlassian.com", "DATE_PUBLIC": "2021-11-26T00:00:00"}}}}, "cveMetadata": {"cveId": "CVE-2021-43940", "state": "PUBLISHED", "dateUpdated": "2024-10-08T16:38:51.537Z", "dateReserved": "2021-11-16T00:00:00", "assignerOrgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66", "datePublished": "2022-02-15T03:15:09.899432Z", "assignerShortName": "atlassian"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*", "matchCriteriaId": "83557716-7A48-48D5-85A9-4A29DBF4F511", "versionEndExcluding": "7.4.10", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*", "matchCriteriaId": "6A310D77-1FFF-4FFE-AD50-75DFF973EB3F", "versionEndExcluding": "7.12.3", "versionStartIncluding": "7.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "4BA04112-3B97-491B-93E6-80C444274430", "versionEndExcluding": "7.4.10", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "B1148DF0-42C0-435F-A6EB-EFA93E10E8D7", "versionEndExcluding": "7.12.3", "versionStartIncluding": "7.5.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Affected versions of Atlassian Confluence Server and Data Center allow authenticated local attackers to achieve elevated privileges on the local system via a DLL Hijacking vulnerability in the Confluence installer. This vulnerability only affects installations of Confluence Server and Data Center on Windows. The affected versions are before version 7.4.10, and from version 7.5.0 before 7.12.3."}, {"lang": "es", "value": "Las versiones afectadas de Atlassian Confluence Server y Data Center permiten a los atacantes locales autentificados conseguir privilegios elevados en el sistema local a trav\u00e9s de una vulnerabilidad de DLL Hijacking en el instalador de Confluence. Esta vulnerabilidad s\u00f3lo afecta a las instalaciones de Confluence Server y Data Center en Windows. Las versiones afectadas son anteriores a la versi\u00f3n 7.4.10, y desde la versi\u00f3n 7.5.0 hasta la versi\u00f3n7.12.3"}], "id": "CVE-2021-43940", "lastModified": "2024-11-21T06:30:02.713", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2022-02-15T04:15:07.177", "references": [{"source": "security@atlassian.com", "tags": ["Issue Tracking", "Vendor Advisory"], "url": "https://jira.atlassian.com/browse/CONFSERVER-66550"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Vendor Advisory"], "url": "https://jira.atlassian.com/browse/CONFSERVER-66550"}], "sourceIdentifier": "security@atlassian.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-427"}], "source": "security@atlassian.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-427"}], "source": "nvd@nist.gov", "type": "Primary"}]}