{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-02T12:17:43.756","vulnerabilities":[{"cve":{"id":"CVE-2021-43940","sourceIdentifier":"security@atlassian.com","published":"2022-02-15T04:15:07.177","lastModified":"2024-11-21T06:30:02.713","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Affected versions of Atlassian Confluence Server and Data Center allow authenticated local attackers to achieve elevated privileges on the local system via a DLL Hijacking vulnerability in the Confluence installer. This vulnerability only affects installations of Confluence Server and Data Center on Windows. The affected versions are before version 7.4.10, and from version 7.5.0 before 7.12.3."},{"lang":"es","value":"Las versiones afectadas de Atlassian Confluence Server y Data Center permiten a los atacantes locales autentificados conseguir privilegios elevados en el sistema local a través de una vulnerabilidad de DLL Hijacking en el instalador de Confluence. Esta vulnerabilidad sólo afecta a las instalaciones de Confluence Server y Data Center en Windows. Las versiones afectadas son anteriores a la versión 7.4.10, y desde la versión 7.5.0 hasta la versión7.12.3"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:M/Au:N/C:C/I:C/A:C","baseScore":6.9,"accessVector":"LOCAL","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"MEDIUM","exploitabilityScore":3.4,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"security@atlassian.com","type":"Secondary","description":[{"lang":"en","value":"CWE-427"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-427"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*","versionEndExcluding":"7.4.10","matchCriteriaId":"83557716-7A48-48D5-85A9-4A29DBF4F511"},{"vulnerable":true,"criteria":"cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*","versionStartIncluding":"7.5.0","versionEndExcluding":"7.12.3","matchCriteriaId":"6A310D77-1FFF-4FFE-AD50-75DFF973EB3F"},{"vulnerable":true,"criteria":"cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*","versionEndExcluding":"7.4.10","matchCriteriaId":"4BA04112-3B97-491B-93E6-80C444274430"},{"vulnerable":true,"criteria":"cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*","versionStartIncluding":"7.5.0","versionEndExcluding":"7.12.3","matchCriteriaId":"B1148DF0-42C0-435F-A6EB-EFA93E10E8D7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://jira.atlassian.com/browse/CONFSERVER-66550","source":"security@atlassian.com","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://jira.atlassian.com/browse/CONFSERVER-66550","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Vendor Advisory"]}]}}]}