cvelistv5 - cve-2024-21683

cve-2024-21683

Vulnerability from cvelistv5

Published

2024-05-21 23:00

Modified

2025-03-14 20:55

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS score ?

92.20% (0.99706)

Summary

This High severity RCE (Remote Code Execution) vulnerability was introduced in version 5.2 of Confluence Data Center and Server. This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 7.2, allows an authenticated attacker to execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires no user interaction. Atlassian recommends that Confluence Data Center and Server customers upgrade to latest version. If you are unable to do so, upgrade your instance to one of the specified supported fixed versions. See the release notes https://confluence.atlassian.com/doc/confluence-release-notes-327.html You can download the latest version of Confluence Data Center and Server from the download center https://www.atlassian.com/software/confluence/download-archives. This vulnerability was found internally.

References

▼	URL	Tags
	security@atlassian.com	https://confluence.atlassian.com/pages/viewpage.action?pageId=1409286211
	security@atlassian.com	https://jira.atlassian.com/browse/CONFSERVER-95832

Impacted products

	Vendor	Product	Version
	Atlassian	Confluence Data Center	Version: 8.9.0 Version: 8.8.0 to 8.8.1 Version: 8.7.1 to 8.7.2 Version: 8.6.0 to 8.6.2 Version: 8.5.0 to 8.5.8 Version: 8.4.0 to 8.4.5 Version: 8.3.0 to 8.3.4 Version: 8.2.0 to 8.2.3 Version: 8.1.0 to 8.1.4 Version: 8.0.0 to 8.0.4 Version: 7.20.0 to 7.20.3 Version: 7.19.0 to 7.19.21

Show details on NVD website

JSON

To clipboard

{
   containers: {
      cna: {
         affected: [
            {
               product: "Confluence Data Center",
               vendor: "Atlassian",
               versions: [
                  {
                     status: "affected",
                     version: "8.9.0",
                  },
                  {
                     status: "affected",
                     version: "8.8.0 to 8.8.1",
                  },
                  {
                     status: "affected",
                     version: "8.7.1 to 8.7.2",
                  },
                  {
                     status: "affected",
                     version: "8.6.0 to 8.6.2",
                  },
                  {
                     status: "affected",
                     version: "8.5.0 to 8.5.8",
                  },
                  {
                     status: "affected",
                     version: "8.4.0 to 8.4.5",
                  },
                  {
                     status: "affected",
                     version: "8.3.0 to 8.3.4",
                  },
                  {
                     status: "affected",
                     version: "8.2.0 to 8.2.3",
                  },
                  {
                     status: "affected",
                     version: "8.1.0 to 8.1.4",
                  },
                  {
                     status: "affected",
                     version: "8.0.0 to 8.0.4",
                  },
                  {
                     status: "affected",
                     version: "7.20.0 to 7.20.3",
                  },
                  {
                     status: "affected",
                     version: "7.19.0 to 7.19.21",
                  },
                  {
                     status: "unaffected",
                     version: "8.9.1 to 8.9.2",
                  },
                  {
                     status: "unaffected",
                     version: "8.5.9 to 8.5.10",
                  },
                  {
                     status: "unaffected",
                     version: "7.19.22 to 7.19.23",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               value: "Atlassian",
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "This High severity RCE (Remote Code Execution) vulnerability was introduced in version 5.2 of Confluence Data Center and Server.\n\nThis RCE (Remote Code Execution) vulnerability, with a CVSS Score of 7.2, allows an authenticated attacker to execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires no user interaction. \n\nAtlassian recommends that Confluence Data Center and Server customers upgrade to latest version. If you are unable to do so, upgrade your instance to one of the specified supported fixed versions. See the release notes https://confluence.atlassian.com/doc/confluence-release-notes-327.html\n\nYou can download the latest version of Confluence Data Center and Server from the download center https://www.atlassian.com/software/confluence/download-archives.\n\nThis vulnerability was found internally.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  baseScore: 7.2,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "RCE (Remote Code Execution)",
                     lang: "en",
                     type: "RCE (Remote Code Execution)",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-14T20:55:38.532Z",
            orgId: "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
            shortName: "atlassian",
         },
         references: [
            {
               url: "https://confluence.atlassian.com/pages/viewpage.action?pageId=1409286211",
            },
            {
               url: "https://jira.atlassian.com/browse/CONFSERVER-95832",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
      assignerShortName: "atlassian",
      cveId: "CVE-2024-21683",
      datePublished: "2024-05-21T23:00:00.446Z",
      dateReserved: "2024-01-01T00:05:33.846Z",
      dateUpdated: "2025-03-14T20:55:38.532Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
   "vulnerability-lookup:meta": {
      nvd: "{\"cve\":{\"id\":\"CVE-2024-21683\",\"sourceIdentifier\":\"security@atlassian.com\",\"published\":\"2024-05-21T23:15:07.923\",\"lastModified\":\"2025-03-14T21:15:36.697\",\"vulnStatus\":\"Received\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"This High severity RCE (Remote Code Execution) vulnerability was introduced in version 5.2 of Confluence Data Center and Server.\\n\\nThis RCE (Remote Code Execution) vulnerability, with a CVSS Score of 7.2, allows an authenticated attacker to execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires no user interaction. \\n\\nAtlassian recommends that Confluence Data Center and Server customers upgrade to latest version. If you are unable to do so, upgrade your instance to one of the specified supported fixed versions. See the release notes https://confluence.atlassian.com/doc/confluence-release-notes-327.html\\n\\nYou can download the latest version of Confluence Data Center and Server from the download center https://www.atlassian.com/software/confluence/download-archives.\\n\\nThis vulnerability was found internally.\"},{\"lang\":\"es\",\"value\":\"Esta vulnerabilidad RCE (ejecución remota de código) de alta gravedad se introdujo en la versión 5.2 de Confluence Data Center and Server. Esta vulnerabilidad RCE (ejecución remota de código), con una puntuación CVSS de 8,3, permite a un atacante autenticado ejecutar código arbitrario que tiene un alto impacto en la confidencialidad, un alto impacto en la integridad, un alto impacto en la disponibilidad y no requiere interacción del usuario. Atlassian recomienda que los clientes de Confluence Data Center y Server actualicen a la última versión. Si no puede hacerlo, actualice su instancia a una de las versiones fijas admitidas especificadas. Consulte las notas de la versión https://confluence.atlassian.com/doc/confluence-release-notes-327.html Puede descargar la última versión de Confluence Data Center and Server desde el centro de descargas https://www.atlassian.com /software/confluence/descargar-archivos. Esta vulnerabilidad se encontró internamente.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@atlassian.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}]},\"references\":[{\"url\":\"https://confluence.atlassian.com/pages/viewpage.action?pageId=1409286211\",\"source\":\"security@atlassian.com\"},{\"url\":\"https://jira.atlassian.com/browse/CONFSERVER-95832\",\"source\":\"security@atlassian.com\"}]}}",
      vulnrichment: {
         containers: "{\"cna\": {\"credits\": [{\"lang\": \"en\", \"value\": \"Atlassian\"}], \"metrics\": [{\"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 7.2, \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\"}}], \"affected\": [{\"vendor\": \"Atlassian\", \"product\": \"Confluence Data Center\", \"versions\": [{\"status\": \"affected\", \"version\": \"8.9.0\"}, {\"status\": \"affected\", \"version\": \"8.8.0 to 8.8.1\"}, {\"status\": \"affected\", \"version\": \"8.7.1 to 8.7.2\"}, {\"status\": \"affected\", \"version\": \"8.6.0 to 8.6.2\"}, {\"status\": \"affected\", \"version\": \"8.5.0 to 8.5.8\"}, {\"status\": \"affected\", \"version\": \"8.4.0 to 8.4.5\"}, {\"status\": \"affected\", \"version\": \"8.3.0 to 8.3.4\"}, {\"status\": \"affected\", \"version\": \"8.2.0 to 8.2.3\"}, {\"status\": \"affected\", \"version\": \"8.1.0 to 8.1.4\"}, {\"status\": \"affected\", \"version\": \"8.0.0 to 8.0.4\"}, {\"status\": \"affected\", \"version\": \"7.20.0 to 7.20.3\"}, {\"status\": \"affected\", \"version\": \"7.19.0 to 7.19.21\"}, {\"status\": \"unaffected\", \"version\": \"8.9.1 to 8.9.2\"}, {\"status\": \"unaffected\", \"version\": \"8.5.9 to 8.5.10\"}, {\"status\": \"unaffected\", \"version\": \"7.19.22 to 7.19.23\"}]}], \"references\": [{\"url\": \"https://confluence.atlassian.com/pages/viewpage.action?pageId=1409286211\"}, {\"url\": \"https://jira.atlassian.com/browse/CONFSERVER-95832\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"This High severity RCE (Remote Code Execution) vulnerability was introduced in version 5.2 of Confluence Data Center and Server.\\n\\nThis RCE (Remote Code Execution) vulnerability, with a CVSS Score of 7.2, allows an authenticated attacker to execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires no user interaction.\\u00a0\\n\\nAtlassian recommends that Confluence Data Center and Server customers upgrade to latest version. If you are unable to do so, upgrade your instance to one of the specified supported fixed versions. See the release notes https://confluence.atlassian.com/doc/confluence-release-notes-327.html\\n\\nYou can download the latest version of Confluence Data Center and Server from the download center https://www.atlassian.com/software/confluence/download-archives.\\n\\nThis vulnerability was found internally.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"RCE (Remote Code Execution)\", \"description\": \"RCE (Remote Code Execution)\"}]}], \"providerMetadata\": {\"orgId\": \"f08a6ab8-ed46-4c22-8884-d911ccfe3c66\", \"shortName\": \"atlassian\", \"dateUpdated\": \"2025-03-14T20:55:38.532Z\"}}, \"adp\": [{\"providerMetadata\": {\"shortName\": \"CISA-ADP\", \"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"dateUpdated\": \"2024-05-24T14:08:46.801Z\"}, \"title\": \"CISA ADP Vulnrichment\"}]}",
         cveMetadata: "{\"cveId\": \"CVE-2024-21683\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-03-14T20:55:38.532Z\", \"dateReserved\": \"2024-01-01T00:05:33.846Z\", \"assignerOrgId\": \"f08a6ab8-ed46-4c22-8884-d911ccfe3c66\", \"datePublished\": \"2024-05-21T23:00:00.446Z\", \"assignerShortName\": \"atlassian\"}",
         dataType: "CVE_RECORD",
         dataVersion: "5.1",
      },
   },
}

ghsa-vr88-2hv2-5jvf

Vulnerability from github

Published

2024-05-22 00:30

Modified

2025-03-14 18:30

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

This High severity RCE (Remote Code Execution) vulnerability was introduced in version 5.2 of Confluence Data Center and Server.

This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 8.3, allows an authenticated attacker to execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires no user interaction.

Atlassian recommends that Confluence Data Center and Server customers upgrade to latest version. If you are unable to do so, upgrade your instance to one of the specified supported fixed versions. See the release notes https://confluence.atlassian.com/doc/confluence-release-notes-327.html

You can download the latest version of Confluence Data Center and Server from the download center https://www.atlassian.com/software/confluence/download-archives.

This vulnerability was found internally.

Show details on source website

JSON

To clipboard

{
   affected: [],
   aliases: [
      "CVE-2024-21683",
   ],
   database_specific: {
      cwe_ids: [],
      github_reviewed: false,
      github_reviewed_at: null,
      nvd_published_at: "2024-05-21T23:15:07Z",
      severity: "HIGH",
   },
   details: "This High severity RCE (Remote Code Execution) vulnerability was introduced in version 5.2 of Confluence Data Center and Server.\n\nThis RCE (Remote Code Execution) vulnerability, with a CVSS Score of 8.3, allows an authenticated attacker to execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires no user interaction. \n\nAtlassian recommends that Confluence Data Center and Server customers upgrade to latest version. If you are unable to do so, upgrade your instance to one of the specified supported fixed versions. See the release notes https://confluence.atlassian.com/doc/confluence-release-notes-327.html\n\nYou can download the latest version of Confluence Data Center and Server from the download center https://www.atlassian.com/software/confluence/download-archives.\n\nThis vulnerability was found internally.",
   id: "GHSA-vr88-2hv2-5jvf",
   modified: "2025-03-14T18:30:39Z",
   published: "2024-05-22T00:30:34Z",
   references: [
      {
         type: "ADVISORY",
         url: "https://nvd.nist.gov/vuln/detail/CVE-2024-21683",
      },
      {
         type: "WEB",
         url: "https://confluence.atlassian.com/pages/viewpage.action?pageId=1387867145",
      },
      {
         type: "WEB",
         url: "https://confluence.atlassian.com/pages/viewpage.action?pageId=1409286211",
      },
      {
         type: "WEB",
         url: "https://jira.atlassian.com/browse/CONFSERVER-95832",
      },
   ],
   schema_version: "1.4.0",
   severity: [
      {
         score: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
         type: "CVSS_V3",
      },
   ],
}

ncsc-2024-0231

Vulnerability from csaf_ncscnl

Published

2024-05-22 11:13

Modified

2024-05-22 11:13

Summary

Kwetsbaarheden verholpen in Atlassian producten

Notes

The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions: NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein. NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory. This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.

Feiten

Atlassian heeft kwetsbaarheden verholpen in diverse producten, zoals Jira, Confluence en Bitbucket.

Interpretaties

Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade: - Cross-Site Request Forgery (XSRF) - Denial-of-Service (DoS) - Omzeilen van authenticatie - (Remote) code execution (Administrator/Root rechten) - (Remote) code execution (Gebruikersrechten) - SQL Injection - Toegang tot systeemgegevens

Oplossingen

Atlassian heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie: https://confluence.atlassian.com/security/security-bulletin-may-21-2024-1387867145.html

Kans

medium

Schade

high

CWE-284

Improper Access Control

CWE-20

Improper Input Validation

CWE-281

Improper Preservation of Permissions

CWE-400

Uncontrolled Resource Consumption

CWE-404

Improper Resource Shutdown or Release

CWE-444

Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

CWE-459

Incomplete Cleanup

CWE-502

Deserialization of Untrusted Data

CWE-601

URL Redirection to Untrusted Site ('Open Redirect')

CWE-770

Allocation of Resources Without Limits or Throttling

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CWE-913

Improper Control of Dynamically-Managed Code Resources

CWE-96

Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')

JSON

To clipboard

{
   document: {
      category: "csaf_security_advisory",
      csaf_version: "2.0",
      distribution: {
         tlp: {
            label: "WHITE",
         },
      },
      lang: "nl",
      notes: [
         {
            category: "legal_disclaimer",
            text: "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.",
         },
         {
            category: "description",
            text: "Atlassian heeft kwetsbaarheden verholpen in diverse producten, zoals Jira, Confluence en Bitbucket.",
            title: "Feiten",
         },
         {
            category: "description",
            text: "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:\n\n- Cross-Site Request Forgery (XSRF)\n- Denial-of-Service (DoS)\n- Omzeilen van authenticatie\n- (Remote) code execution (Administrator/Root rechten)\n- (Remote) code execution (Gebruikersrechten)\n- SQL Injection\n- Toegang tot systeemgegevens\n",
            title: "Interpretaties",
         },
         {
            category: "description",
            text: "Atlassian heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie:\n\nhttps://confluence.atlassian.com/security/security-bulletin-may-21-2024-1387867145.html",
            title: "Oplossingen",
         },
         {
            category: "general",
            text: "medium",
            title: "Kans",
         },
         {
            category: "general",
            text: "high",
            title: "Schade",
         },
         {
            category: "general",
            text: "Improper Access Control",
            title: "CWE-284",
         },
         {
            category: "general",
            text: "Improper Input Validation",
            title: "CWE-20",
         },
         {
            category: "general",
            text: "Improper Preservation of Permissions",
            title: "CWE-281",
         },
         {
            category: "general",
            text: "Uncontrolled Resource Consumption",
            title: "CWE-400",
         },
         {
            category: "general",
            text: "Improper Resource Shutdown or Release",
            title: "CWE-404",
         },
         {
            category: "general",
            text: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')",
            title: "CWE-444",
         },
         {
            category: "general",
            text: "Incomplete Cleanup",
            title: "CWE-459",
         },
         {
            category: "general",
            text: "Deserialization of Untrusted Data",
            title: "CWE-502",
         },
         {
            category: "general",
            text: "URL Redirection to Untrusted Site ('Open Redirect')",
            title: "CWE-601",
         },
         {
            category: "general",
            text: "Allocation of Resources Without Limits or Throttling",
            title: "CWE-770",
         },
         {
            category: "general",
            text: "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')",
            title: "CWE-89",
         },
         {
            category: "general",
            text: "Improper Control of Dynamically-Managed Code Resources",
            title: "CWE-913",
         },
         {
            category: "general",
            text: "Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')",
            title: "CWE-96",
         },
      ],
      publisher: {
         category: "coordinator",
         contact_details: "cert@ncsc.nl",
         name: "Nationaal Cyber Security Centrum",
         namespace: "https://www.ncsc.nl/",
      },
      references: [
         {
            category: "external",
            summary: "Reference - cveprojectv5; nvd",
            url: "https://confluence.atlassian.com/pages/viewpage.action?pageId=1387867145",
         },
      ],
      title: "Kwetsbaarheden verholpen in Atlassian producten",
      tracking: {
         current_release_date: "2024-05-22T11:13:07.693855Z",
         id: "NCSC-2024-0231",
         initial_release_date: "2024-05-22T11:13:07.693855Z",
         revision_history: [
            {
               date: "2024-05-22T11:13:07.693855Z",
               number: "0",
               summary: "Initiele versie",
            },
         ],
         status: "final",
         version: "1.0.0",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  category: "product_name",
                  name: "bamboo",
                  product: {
                     name: "bamboo",
                     product_id: "CSAFPID-716889",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:atlassian:bamboo:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "bitbucket",
                  product: {
                     name: "bitbucket",
                     product_id: "CSAFPID-344199",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:atlassian:bitbucket:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "confluence",
                  product: {
                     name: "confluence",
                     product_id: "CSAFPID-551338",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:atlassian:confluence:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "crowd",
                  product: {
                     name: "crowd",
                     product_id: "CSAFPID-344399",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:atlassian:crowd:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "jira_service_management",
                  product: {
                     name: "jira_service_management",
                     product_id: "CSAFPID-343852",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:atlassian:jira_service_management:*:*:*:*:data_center:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "jira_service_management",
                  product: {
                     name: "jira_service_management",
                     product_id: "CSAFPID-343851",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:atlassian:jira_service_management:*:*:*:*:server:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "jira",
                  product: {
                     name: "jira",
                     product_id: "CSAFPID-98204",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:atlassian:jira:*:*:*:*:*:*:*:*",
                     },
                  },
               },
            ],
            category: "vendor",
            name: "atlassian",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2017-7656",
         cwe: {
            id: "CWE-444",
            name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')",
         },
         notes: [
            {
               category: "other",
               text: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')",
               title: "CWE-444",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2017-7656",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2017/CVE-2017-7656.json",
            },
         ],
         title: "CVE-2017-7656",
      },
      {
         cve: "CVE-2017-9735",
         references: [
            {
               category: "self",
               summary: "CVE-2017-9735",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2017/CVE-2017-9735.json",
            },
         ],
         title: "CVE-2017-9735",
      },
      {
         cve: "CVE-2020-10672",
         cwe: {
            id: "CWE-96",
            name: "Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')",
         },
         notes: [
            {
               category: "other",
               text: "Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')",
               title: "CWE-96",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2020-10672",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-10672.json",
            },
         ],
         title: "CVE-2020-10672",
      },
      {
         cve: "CVE-2020-10673",
         cwe: {
            id: "CWE-96",
            name: "Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')",
         },
         notes: [
            {
               category: "other",
               text: "Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')",
               title: "CWE-96",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2020-10673",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-10673.json",
            },
         ],
         title: "CVE-2020-10673",
      },
      {
         cve: "CVE-2020-10968",
         cwe: {
            id: "CWE-502",
            name: "Deserialization of Untrusted Data",
         },
         notes: [
            {
               category: "other",
               text: "Deserialization of Untrusted Data",
               title: "CWE-502",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2020-10968",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-10968.json",
            },
         ],
         title: "CVE-2020-10968",
      },
      {
         cve: "CVE-2020-10969",
         cwe: {
            id: "CWE-502",
            name: "Deserialization of Untrusted Data",
         },
         notes: [
            {
               category: "other",
               text: "Deserialization of Untrusted Data",
               title: "CWE-502",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2020-10969",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-10969.json",
            },
         ],
         title: "CVE-2020-10969",
      },
      {
         cve: "CVE-2020-11111",
         cwe: {
            id: "CWE-96",
            name: "Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')",
         },
         notes: [
            {
               category: "other",
               text: "Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')",
               title: "CWE-96",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2020-11111",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-11111.json",
            },
         ],
         title: "CVE-2020-11111",
      },
      {
         cve: "CVE-2020-11112",
         cwe: {
            id: "CWE-96",
            name: "Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')",
         },
         notes: [
            {
               category: "other",
               text: "Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')",
               title: "CWE-96",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2020-11112",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-11112.json",
            },
         ],
         title: "CVE-2020-11112",
      },
      {
         cve: "CVE-2020-11113",
         cwe: {
            id: "CWE-96",
            name: "Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')",
         },
         notes: [
            {
               category: "other",
               text: "Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')",
               title: "CWE-96",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2020-11113",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-11113.json",
            },
         ],
         title: "CVE-2020-11113",
      },
      {
         cve: "CVE-2020-24616",
         references: [
            {
               category: "self",
               summary: "CVE-2020-24616",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-24616.json",
            },
         ],
         title: "CVE-2020-24616",
      },
      {
         cve: "CVE-2020-35728",
         cwe: {
            id: "CWE-96",
            name: "Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')",
         },
         notes: [
            {
               category: "other",
               text: "Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')",
               title: "CWE-96",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2020-35728",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-35728.json",
            },
         ],
         title: "CVE-2020-35728",
      },
      {
         cve: "CVE-2020-36179",
         cwe: {
            id: "CWE-502",
            name: "Deserialization of Untrusted Data",
         },
         notes: [
            {
               category: "other",
               text: "Deserialization of Untrusted Data",
               title: "CWE-502",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2020-36179",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-36179.json",
            },
         ],
         title: "CVE-2020-36179",
      },
      {
         cve: "CVE-2020-36180",
         cwe: {
            id: "CWE-502",
            name: "Deserialization of Untrusted Data",
         },
         notes: [
            {
               category: "other",
               text: "Deserialization of Untrusted Data",
               title: "CWE-502",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2020-36180",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-36180.json",
            },
         ],
         title: "CVE-2020-36180",
      },
      {
         cve: "CVE-2020-36181",
         cwe: {
            id: "CWE-502",
            name: "Deserialization of Untrusted Data",
         },
         notes: [
            {
               category: "other",
               text: "Deserialization of Untrusted Data",
               title: "CWE-502",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2020-36181",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-36181.json",
            },
         ],
         title: "CVE-2020-36181",
      },
      {
         cve: "CVE-2020-36182",
         cwe: {
            id: "CWE-502",
            name: "Deserialization of Untrusted Data",
         },
         notes: [
            {
               category: "other",
               text: "Deserialization of Untrusted Data",
               title: "CWE-502",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2020-36182",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-36182.json",
            },
         ],
         title: "CVE-2020-36182",
      },
      {
         cve: "CVE-2020-36184",
         cwe: {
            id: "CWE-502",
            name: "Deserialization of Untrusted Data",
         },
         notes: [
            {
               category: "other",
               text: "Deserialization of Untrusted Data",
               title: "CWE-502",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2020-36184",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-36184.json",
            },
         ],
         title: "CVE-2020-36184",
      },
      {
         cve: "CVE-2020-36188",
         cwe: {
            id: "CWE-502",
            name: "Deserialization of Untrusted Data",
         },
         notes: [
            {
               category: "other",
               text: "Deserialization of Untrusted Data",
               title: "CWE-502",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2020-36188",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-36188.json",
            },
         ],
         title: "CVE-2020-36188",
      },
      {
         cve: "CVE-2021-28165",
         cwe: {
            id: "CWE-400",
            name: "Uncontrolled Resource Consumption",
         },
         notes: [
            {
               category: "other",
               text: "Uncontrolled Resource Consumption",
               title: "CWE-400",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2021-28165",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-28165.json",
            },
         ],
         title: "CVE-2021-28165",
      },
      {
         cve: "CVE-2022-25647",
         cwe: {
            id: "CWE-502",
            name: "Deserialization of Untrusted Data",
         },
         notes: [
            {
               category: "other",
               text: "Deserialization of Untrusted Data",
               title: "CWE-502",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2022-25647",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-25647.json",
            },
         ],
         title: "CVE-2022-25647",
      },
      {
         cve: "CVE-2022-41966",
         cwe: {
            id: "CWE-502",
            name: "Deserialization of Untrusted Data",
         },
         notes: [
            {
               category: "other",
               text: "Deserialization of Untrusted Data",
               title: "CWE-502",
            },
            {
               category: "other",
               text: "Improper Resource Shutdown or Release",
               title: "CWE-404",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2022-41966",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-41966.json",
            },
         ],
         title: "CVE-2022-41966",
      },
      {
         cve: "CVE-2022-42003",
         cwe: {
            id: "CWE-404",
            name: "Improper Resource Shutdown or Release",
         },
         notes: [
            {
               category: "other",
               text: "Improper Resource Shutdown or Release",
               title: "CWE-404",
            },
            {
               category: "other",
               text: "Deserialization of Untrusted Data",
               title: "CWE-502",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2022-42003",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-42003.json",
            },
         ],
         title: "CVE-2022-42003",
      },
      {
         cve: "CVE-2023-4759",
         references: [
            {
               category: "self",
               summary: "CVE-2023-4759",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4759.json",
            },
         ],
         title: "CVE-2023-4759",
      },
      {
         cve: "CVE-2023-34396",
         references: [
            {
               category: "self",
               summary: "CVE-2023-34396",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-34396.json",
            },
         ],
         title: "CVE-2023-34396",
      },
      {
         cve: "CVE-2023-41835",
         cwe: {
            id: "CWE-913",
            name: "Improper Control of Dynamically-Managed Code Resources",
         },
         notes: [
            {
               category: "other",
               text: "Improper Control of Dynamically-Managed Code Resources",
               title: "CWE-913",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2023-41835",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-41835.json",
            },
         ],
         title: "CVE-2023-41835",
      },
      {
         cve: "CVE-2023-45859",
         cwe: {
            id: "CWE-281",
            name: "Improper Preservation of Permissions",
         },
         notes: [
            {
               category: "other",
               text: "Improper Preservation of Permissions",
               title: "CWE-281",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2023-45859",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-45859.json",
            },
         ],
         title: "CVE-2023-45859",
      },
      {
         cve: "CVE-2024-1597",
         cwe: {
            id: "CWE-89",
            name: "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')",
         },
         notes: [
            {
               category: "other",
               text: "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')",
               title: "CWE-89",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2024-1597",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-1597.json",
            },
         ],
         title: "CVE-2024-1597",
      },
      {
         cve: "CVE-2024-21634",
         cwe: {
            id: "CWE-770",
            name: "Allocation of Resources Without Limits or Throttling",
         },
         notes: [
            {
               category: "other",
               text: "Allocation of Resources Without Limits or Throttling",
               title: "CWE-770",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2024-21634",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21634.json",
            },
         ],
         title: "CVE-2024-21634",
      },
      {
         cve: "CVE-2024-21683",
         references: [
            {
               category: "self",
               summary: "CVE-2024-21683",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21683.json",
            },
         ],
         title: "CVE-2024-21683",
      },
      {
         cve: "CVE-2024-22257",
         cwe: {
            id: "CWE-284",
            name: "Improper Access Control",
         },
         notes: [
            {
               category: "other",
               text: "Improper Access Control",
               title: "CWE-284",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2024-22257",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22257.json",
            },
         ],
         title: "CVE-2024-22257",
      },
      {
         cve: "CVE-2024-22262",
         cwe: {
            id: "CWE-601",
            name: "URL Redirection to Untrusted Site ('Open Redirect')",
         },
         notes: [
            {
               category: "other",
               text: "URL Redirection to Untrusted Site ('Open Redirect')",
               title: "CWE-601",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2024-22262",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22262.json",
            },
         ],
         title: "CVE-2024-22262",
      },
      {
         cve: "CVE-2024-23672",
         cwe: {
            id: "CWE-459",
            name: "Incomplete Cleanup",
         },
         notes: [
            {
               category: "other",
               text: "Incomplete Cleanup",
               title: "CWE-459",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2024-23672",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23672.json",
            },
         ],
         title: "CVE-2024-23672",
      },
      {
         cve: "CVE-2024-24549",
         cwe: {
            id: "CWE-20",
            name: "Improper Input Validation",
         },
         notes: [
            {
               category: "other",
               text: "Improper Input Validation",
               title: "CWE-20",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2024-24549",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24549.json",
            },
         ],
         title: "CVE-2024-24549",
      },
   ],
}

NCSC-2024-0231

Vulnerability from csaf_ncscnl

Published

2024-05-22 11:13

Modified

2024-05-22 11:13

Summary

Kwetsbaarheden verholpen in Atlassian producten

Notes

Feiten

Atlassian heeft kwetsbaarheden verholpen in diverse producten, zoals Jira, Confluence en Bitbucket.

Interpretaties

Oplossingen

Kans

medium

Schade

high

CWE-284

Improper Access Control

CWE-20

Improper Input Validation

CWE-281

Improper Preservation of Permissions

CWE-400

Uncontrolled Resource Consumption

CWE-404

Improper Resource Shutdown or Release

CWE-444

Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

CWE-459

Incomplete Cleanup

CWE-502

Deserialization of Untrusted Data

CWE-601

URL Redirection to Untrusted Site ('Open Redirect')

CWE-770

Allocation of Resources Without Limits or Throttling

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CWE-913

Improper Control of Dynamically-Managed Code Resources

CWE-96

Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')

JSON

To clipboard

{
   document: {
      category: "csaf_security_advisory",
      csaf_version: "2.0",
      distribution: {
         tlp: {
            label: "WHITE",
         },
      },
      lang: "nl",
      notes: [
         {
            category: "legal_disclaimer",
            text: "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.",
         },
         {
            category: "description",
            text: "Atlassian heeft kwetsbaarheden verholpen in diverse producten, zoals Jira, Confluence en Bitbucket.",
            title: "Feiten",
         },
         {
            category: "description",
            text: "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:\n\n- Cross-Site Request Forgery (XSRF)\n- Denial-of-Service (DoS)\n- Omzeilen van authenticatie\n- (Remote) code execution (Administrator/Root rechten)\n- (Remote) code execution (Gebruikersrechten)\n- SQL Injection\n- Toegang tot systeemgegevens\n",
            title: "Interpretaties",
         },
         {
            category: "description",
            text: "Atlassian heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie:\n\nhttps://confluence.atlassian.com/security/security-bulletin-may-21-2024-1387867145.html",
            title: "Oplossingen",
         },
         {
            category: "general",
            text: "medium",
            title: "Kans",
         },
         {
            category: "general",
            text: "high",
            title: "Schade",
         },
         {
            category: "general",
            text: "Improper Access Control",
            title: "CWE-284",
         },
         {
            category: "general",
            text: "Improper Input Validation",
            title: "CWE-20",
         },
         {
            category: "general",
            text: "Improper Preservation of Permissions",
            title: "CWE-281",
         },
         {
            category: "general",
            text: "Uncontrolled Resource Consumption",
            title: "CWE-400",
         },
         {
            category: "general",
            text: "Improper Resource Shutdown or Release",
            title: "CWE-404",
         },
         {
            category: "general",
            text: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')",
            title: "CWE-444",
         },
         {
            category: "general",
            text: "Incomplete Cleanup",
            title: "CWE-459",
         },
         {
            category: "general",
            text: "Deserialization of Untrusted Data",
            title: "CWE-502",
         },
         {
            category: "general",
            text: "URL Redirection to Untrusted Site ('Open Redirect')",
            title: "CWE-601",
         },
         {
            category: "general",
            text: "Allocation of Resources Without Limits or Throttling",
            title: "CWE-770",
         },
         {
            category: "general",
            text: "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')",
            title: "CWE-89",
         },
         {
            category: "general",
            text: "Improper Control of Dynamically-Managed Code Resources",
            title: "CWE-913",
         },
         {
            category: "general",
            text: "Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')",
            title: "CWE-96",
         },
      ],
      publisher: {
         category: "coordinator",
         contact_details: "cert@ncsc.nl",
         name: "Nationaal Cyber Security Centrum",
         namespace: "https://www.ncsc.nl/",
      },
      references: [
         {
            category: "external",
            summary: "Reference - cveprojectv5; nvd",
            url: "https://confluence.atlassian.com/pages/viewpage.action?pageId=1387867145",
         },
      ],
      title: "Kwetsbaarheden verholpen in Atlassian producten",
      tracking: {
         current_release_date: "2024-05-22T11:13:07.693855Z",
         id: "NCSC-2024-0231",
         initial_release_date: "2024-05-22T11:13:07.693855Z",
         revision_history: [
            {
               date: "2024-05-22T11:13:07.693855Z",
               number: "0",
               summary: "Initiele versie",
            },
         ],
         status: "final",
         version: "1.0.0",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  category: "product_name",
                  name: "bamboo",
                  product: {
                     name: "bamboo",
                     product_id: "CSAFPID-716889",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:atlassian:bamboo:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "bitbucket",
                  product: {
                     name: "bitbucket",
                     product_id: "CSAFPID-344199",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:atlassian:bitbucket:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "confluence",
                  product: {
                     name: "confluence",
                     product_id: "CSAFPID-551338",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:atlassian:confluence:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "crowd",
                  product: {
                     name: "crowd",
                     product_id: "CSAFPID-344399",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:atlassian:crowd:*:*:*:*:*:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "jira_service_management",
                  product: {
                     name: "jira_service_management",
                     product_id: "CSAFPID-343852",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:atlassian:jira_service_management:*:*:*:*:data_center:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "jira_service_management",
                  product: {
                     name: "jira_service_management",
                     product_id: "CSAFPID-343851",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:atlassian:jira_service_management:*:*:*:*:server:*:*:*",
                     },
                  },
               },
               {
                  category: "product_name",
                  name: "jira",
                  product: {
                     name: "jira",
                     product_id: "CSAFPID-98204",
                     product_identification_helper: {
                        cpe: "cpe:2.3:a:atlassian:jira:*:*:*:*:*:*:*:*",
                     },
                  },
               },
            ],
            category: "vendor",
            name: "atlassian",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2017-7656",
         cwe: {
            id: "CWE-444",
            name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')",
         },
         notes: [
            {
               category: "other",
               text: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')",
               title: "CWE-444",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2017-7656",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2017/CVE-2017-7656.json",
            },
         ],
         title: "CVE-2017-7656",
      },
      {
         cve: "CVE-2017-9735",
         references: [
            {
               category: "self",
               summary: "CVE-2017-9735",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2017/CVE-2017-9735.json",
            },
         ],
         title: "CVE-2017-9735",
      },
      {
         cve: "CVE-2020-10672",
         cwe: {
            id: "CWE-96",
            name: "Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')",
         },
         notes: [
            {
               category: "other",
               text: "Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')",
               title: "CWE-96",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2020-10672",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-10672.json",
            },
         ],
         title: "CVE-2020-10672",
      },
      {
         cve: "CVE-2020-10673",
         cwe: {
            id: "CWE-96",
            name: "Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')",
         },
         notes: [
            {
               category: "other",
               text: "Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')",
               title: "CWE-96",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2020-10673",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-10673.json",
            },
         ],
         title: "CVE-2020-10673",
      },
      {
         cve: "CVE-2020-10968",
         cwe: {
            id: "CWE-502",
            name: "Deserialization of Untrusted Data",
         },
         notes: [
            {
               category: "other",
               text: "Deserialization of Untrusted Data",
               title: "CWE-502",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2020-10968",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-10968.json",
            },
         ],
         title: "CVE-2020-10968",
      },
      {
         cve: "CVE-2020-10969",
         cwe: {
            id: "CWE-502",
            name: "Deserialization of Untrusted Data",
         },
         notes: [
            {
               category: "other",
               text: "Deserialization of Untrusted Data",
               title: "CWE-502",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2020-10969",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-10969.json",
            },
         ],
         title: "CVE-2020-10969",
      },
      {
         cve: "CVE-2020-11111",
         cwe: {
            id: "CWE-96",
            name: "Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')",
         },
         notes: [
            {
               category: "other",
               text: "Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')",
               title: "CWE-96",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2020-11111",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-11111.json",
            },
         ],
         title: "CVE-2020-11111",
      },
      {
         cve: "CVE-2020-11112",
         cwe: {
            id: "CWE-96",
            name: "Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')",
         },
         notes: [
            {
               category: "other",
               text: "Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')",
               title: "CWE-96",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2020-11112",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-11112.json",
            },
         ],
         title: "CVE-2020-11112",
      },
      {
         cve: "CVE-2020-11113",
         cwe: {
            id: "CWE-96",
            name: "Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')",
         },
         notes: [
            {
               category: "other",
               text: "Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')",
               title: "CWE-96",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2020-11113",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-11113.json",
            },
         ],
         title: "CVE-2020-11113",
      },
      {
         cve: "CVE-2020-24616",
         references: [
            {
               category: "self",
               summary: "CVE-2020-24616",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-24616.json",
            },
         ],
         title: "CVE-2020-24616",
      },
      {
         cve: "CVE-2020-35728",
         cwe: {
            id: "CWE-96",
            name: "Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')",
         },
         notes: [
            {
               category: "other",
               text: "Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')",
               title: "CWE-96",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2020-35728",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-35728.json",
            },
         ],
         title: "CVE-2020-35728",
      },
      {
         cve: "CVE-2020-36179",
         cwe: {
            id: "CWE-502",
            name: "Deserialization of Untrusted Data",
         },
         notes: [
            {
               category: "other",
               text: "Deserialization of Untrusted Data",
               title: "CWE-502",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2020-36179",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-36179.json",
            },
         ],
         title: "CVE-2020-36179",
      },
      {
         cve: "CVE-2020-36180",
         cwe: {
            id: "CWE-502",
            name: "Deserialization of Untrusted Data",
         },
         notes: [
            {
               category: "other",
               text: "Deserialization of Untrusted Data",
               title: "CWE-502",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2020-36180",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-36180.json",
            },
         ],
         title: "CVE-2020-36180",
      },
      {
         cve: "CVE-2020-36181",
         cwe: {
            id: "CWE-502",
            name: "Deserialization of Untrusted Data",
         },
         notes: [
            {
               category: "other",
               text: "Deserialization of Untrusted Data",
               title: "CWE-502",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2020-36181",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-36181.json",
            },
         ],
         title: "CVE-2020-36181",
      },
      {
         cve: "CVE-2020-36182",
         cwe: {
            id: "CWE-502",
            name: "Deserialization of Untrusted Data",
         },
         notes: [
            {
               category: "other",
               text: "Deserialization of Untrusted Data",
               title: "CWE-502",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2020-36182",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-36182.json",
            },
         ],
         title: "CVE-2020-36182",
      },
      {
         cve: "CVE-2020-36184",
         cwe: {
            id: "CWE-502",
            name: "Deserialization of Untrusted Data",
         },
         notes: [
            {
               category: "other",
               text: "Deserialization of Untrusted Data",
               title: "CWE-502",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2020-36184",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-36184.json",
            },
         ],
         title: "CVE-2020-36184",
      },
      {
         cve: "CVE-2020-36188",
         cwe: {
            id: "CWE-502",
            name: "Deserialization of Untrusted Data",
         },
         notes: [
            {
               category: "other",
               text: "Deserialization of Untrusted Data",
               title: "CWE-502",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2020-36188",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-36188.json",
            },
         ],
         title: "CVE-2020-36188",
      },
      {
         cve: "CVE-2021-28165",
         cwe: {
            id: "CWE-400",
            name: "Uncontrolled Resource Consumption",
         },
         notes: [
            {
               category: "other",
               text: "Uncontrolled Resource Consumption",
               title: "CWE-400",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2021-28165",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-28165.json",
            },
         ],
         title: "CVE-2021-28165",
      },
      {
         cve: "CVE-2022-25647",
         cwe: {
            id: "CWE-502",
            name: "Deserialization of Untrusted Data",
         },
         notes: [
            {
               category: "other",
               text: "Deserialization of Untrusted Data",
               title: "CWE-502",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2022-25647",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-25647.json",
            },
         ],
         title: "CVE-2022-25647",
      },
      {
         cve: "CVE-2022-41966",
         cwe: {
            id: "CWE-502",
            name: "Deserialization of Untrusted Data",
         },
         notes: [
            {
               category: "other",
               text: "Deserialization of Untrusted Data",
               title: "CWE-502",
            },
            {
               category: "other",
               text: "Improper Resource Shutdown or Release",
               title: "CWE-404",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2022-41966",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-41966.json",
            },
         ],
         title: "CVE-2022-41966",
      },
      {
         cve: "CVE-2022-42003",
         cwe: {
            id: "CWE-404",
            name: "Improper Resource Shutdown or Release",
         },
         notes: [
            {
               category: "other",
               text: "Improper Resource Shutdown or Release",
               title: "CWE-404",
            },
            {
               category: "other",
               text: "Deserialization of Untrusted Data",
               title: "CWE-502",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2022-42003",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-42003.json",
            },
         ],
         title: "CVE-2022-42003",
      },
      {
         cve: "CVE-2023-4759",
         references: [
            {
               category: "self",
               summary: "CVE-2023-4759",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4759.json",
            },
         ],
         title: "CVE-2023-4759",
      },
      {
         cve: "CVE-2023-34396",
         references: [
            {
               category: "self",
               summary: "CVE-2023-34396",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-34396.json",
            },
         ],
         title: "CVE-2023-34396",
      },
      {
         cve: "CVE-2023-41835",
         cwe: {
            id: "CWE-913",
            name: "Improper Control of Dynamically-Managed Code Resources",
         },
         notes: [
            {
               category: "other",
               text: "Improper Control of Dynamically-Managed Code Resources",
               title: "CWE-913",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2023-41835",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-41835.json",
            },
         ],
         title: "CVE-2023-41835",
      },
      {
         cve: "CVE-2023-45859",
         cwe: {
            id: "CWE-281",
            name: "Improper Preservation of Permissions",
         },
         notes: [
            {
               category: "other",
               text: "Improper Preservation of Permissions",
               title: "CWE-281",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2023-45859",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-45859.json",
            },
         ],
         title: "CVE-2023-45859",
      },
      {
         cve: "CVE-2024-1597",
         cwe: {
            id: "CWE-89",
            name: "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')",
         },
         notes: [
            {
               category: "other",
               text: "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')",
               title: "CWE-89",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2024-1597",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-1597.json",
            },
         ],
         title: "CVE-2024-1597",
      },
      {
         cve: "CVE-2024-21634",
         cwe: {
            id: "CWE-770",
            name: "Allocation of Resources Without Limits or Throttling",
         },
         notes: [
            {
               category: "other",
               text: "Allocation of Resources Without Limits or Throttling",
               title: "CWE-770",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2024-21634",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21634.json",
            },
         ],
         title: "CVE-2024-21634",
      },
      {
         cve: "CVE-2024-21683",
         references: [
            {
               category: "self",
               summary: "CVE-2024-21683",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21683.json",
            },
         ],
         title: "CVE-2024-21683",
      },
      {
         cve: "CVE-2024-22257",
         cwe: {
            id: "CWE-284",
            name: "Improper Access Control",
         },
         notes: [
            {
               category: "other",
               text: "Improper Access Control",
               title: "CWE-284",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2024-22257",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22257.json",
            },
         ],
         title: "CVE-2024-22257",
      },
      {
         cve: "CVE-2024-22262",
         cwe: {
            id: "CWE-601",
            name: "URL Redirection to Untrusted Site ('Open Redirect')",
         },
         notes: [
            {
               category: "other",
               text: "URL Redirection to Untrusted Site ('Open Redirect')",
               title: "CWE-601",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2024-22262",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22262.json",
            },
         ],
         title: "CVE-2024-22262",
      },
      {
         cve: "CVE-2024-23672",
         cwe: {
            id: "CWE-459",
            name: "Incomplete Cleanup",
         },
         notes: [
            {
               category: "other",
               text: "Incomplete Cleanup",
               title: "CWE-459",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2024-23672",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23672.json",
            },
         ],
         title: "CVE-2024-23672",
      },
      {
         cve: "CVE-2024-24549",
         cwe: {
            id: "CWE-20",
            name: "Improper Input Validation",
         },
         notes: [
            {
               category: "other",
               text: "Improper Input Validation",
               title: "CWE-20",
            },
         ],
         references: [
            {
               category: "self",
               summary: "CVE-2024-24549",
               url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24549.json",
            },
         ],
         title: "CVE-2024-24549",
      },
   ],
}

gsd-2024-21683

Vulnerability from gsd

Modified

2024-01-01 06:02

Details

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

Aliases

CVE-2024-21683

JSON

To clipboard

{
   gsd: {
      metadata: {
         exploitCode: "unknown",
         remediation: "unknown",
         reportConfidence: "confirmed",
         type: "vulnerability",
      },
      osvSchema: {
         aliases: [
            "CVE-2024-21683",
         ],
         id: "GSD-2024-21683",
         modified: "2024-01-01T06:02:05.168644Z",
         schema_version: "1.4.0",
      },
   },
   namespaces: {
      "cve.org": {
         CVE_data_meta: {
            ASSIGNER: "cve@mitre.org",
            ID: "CVE-2024-21683",
            STATE: "RESERVED",
         },
         data_format: "MITRE",
         data_type: "CVE",
         data_version: "4.0",
         description: {
            description_data: [
               {
                  lang: "eng",
                  value: "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.",
               },
            ],
         },
      },
   },
}

fkie_cve-2024-21683

Vulnerability from fkie_nvd

Published

2024-05-21 23:15

Modified

2025-03-14 21:15

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

References

▼	URL	Tags
	security@atlassian.com	https://confluence.atlassian.com/pages/viewpage.action?pageId=1409286211
	security@atlassian.com	https://jira.atlassian.com/browse/CONFSERVER-95832

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "This High severity RCE (Remote Code Execution) vulnerability was introduced in version 5.2 of Confluence Data Center and Server.\n\nThis RCE (Remote Code Execution) vulnerability, with a CVSS Score of 7.2, allows an authenticated attacker to execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires no user interaction. \n\nAtlassian recommends that Confluence Data Center and Server customers upgrade to latest version. If you are unable to do so, upgrade your instance to one of the specified supported fixed versions. See the release notes https://confluence.atlassian.com/doc/confluence-release-notes-327.html\n\nYou can download the latest version of Confluence Data Center and Server from the download center https://www.atlassian.com/software/confluence/download-archives.\n\nThis vulnerability was found internally.",
      },
      {
         lang: "es",
         value: "Esta vulnerabilidad RCE (ejecución remota de código) de alta gravedad se introdujo en la versión 5.2 de Confluence Data Center and Server. Esta vulnerabilidad RCE (ejecución remota de código), con una puntuación CVSS de 8,3, permite a un atacante autenticado ejecutar código arbitrario que tiene un alto impacto en la confidencialidad, un alto impacto en la integridad, un alto impacto en la disponibilidad y no requiere interacción del usuario. Atlassian recomienda que los clientes de Confluence Data Center y Server actualicen a la última versión. Si no puede hacerlo, actualice su instancia a una de las versiones fijas admitidas especificadas. Consulte las notas de la versión https://confluence.atlassian.com/doc/confluence-release-notes-327.html Puede descargar la última versión de Confluence Data Center and Server desde el centro de descargas https://www.atlassian.com /software/confluence/descargar-archivos. Esta vulnerabilidad se encontró internamente.",
      },
   ],
   id: "CVE-2024-21683",
   lastModified: "2025-03-14T21:15:36.697",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "security@atlassian.com",
            type: "Secondary",
         },
      ],
   },
   published: "2024-05-21T23:15:07.923",
   references: [
      {
         source: "security@atlassian.com",
         url: "https://confluence.atlassian.com/pages/viewpage.action?pageId=1409286211",
      },
      {
         source: "security@atlassian.com",
         url: "https://jira.atlassian.com/browse/CONFSERVER-95832",
      },
   ],
   sourceIdentifier: "security@atlassian.com",
   vulnStatus: "Awaiting Analysis",
}

wid-sec-w-2024-1210

Vulnerability from csaf_certbund

Published

2024-05-21 22:00

Modified

2024-06-03 22:00

Summary

Atlassian Confluence: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Confluence ist eine kommerzielle Wiki-Software.

Angriff

Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Atlassian Confluence ausnutzen, um beliebigen Programmcode auszuführen, um vertrauliche Informationen offenzulegen und um einen Denial-of-Service-Zustand zu erzeugen.

Betroffene Betriebssysteme

- Sonstiges - UNIX - Windows

JSON

To clipboard

{
   document: {
      aggregate_severity: {
         text: "hoch",
      },
      category: "csaf_base",
      csaf_version: "2.0",
      distribution: {
         tlp: {
            label: "WHITE",
            url: "https://www.first.org/tlp/",
         },
      },
      lang: "de-DE",
      notes: [
         {
            category: "legal_disclaimer",
            text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.",
         },
         {
            category: "description",
            text: "Confluence ist eine kommerzielle Wiki-Software.",
            title: "Produktbeschreibung",
         },
         {
            category: "summary",
            text: "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Atlassian Confluence ausnutzen, um beliebigen Programmcode auszuführen, um vertrauliche Informationen offenzulegen und um einen Denial-of-Service-Zustand zu erzeugen.",
            title: "Angriff",
         },
         {
            category: "general",
            text: "- Sonstiges\n- UNIX\n- Windows",
            title: "Betroffene Betriebssysteme",
         },
      ],
      publisher: {
         category: "other",
         contact_details: "csaf-provider@cert-bund.de",
         name: "Bundesamt für Sicherheit in der Informationstechnik",
         namespace: "https://www.bsi.bund.de",
      },
      references: [
         {
            category: "self",
            summary: "WID-SEC-W-2024-1210 - CSAF Version",
            url: "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1210.json",
         },
         {
            category: "self",
            summary: "WID-SEC-2024-1210 - Portal Version",
            url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1210",
         },
         {
            category: "external",
            summary: "Atlassian Security Bulletin May 2024 vom 2024-05-21",
            url: "https://confluence.atlassian.com/security/security-bulletin-may-21-2024-1387867145.html",
         },
         {
            category: "external",
            summary: "Atlassian Vulnerability CONFSERVER-95839 vom 2024-05-21",
            url: "https://jira.atlassian.com/browse/CONFSERVER-95839",
         },
         {
            category: "external",
            summary: "Atlassian Vulnerability CONFSERVER-95837 vom 2024-05-21",
            url: "https://jira.atlassian.com/browse/CONFSERVER-95837",
         },
         {
            category: "external",
            summary: "Atlassian Vulnerability CONFSERVER-95832 vom 2024-05-21",
            url: "https://jira.atlassian.com/browse/CONFSERVER-95832",
         },
         {
            category: "external",
            summary: "Atlassian Vulnerability CONFSERVER-95835 vom 2024-05-21",
            url: "https://jira.atlassian.com/browse/CONFSERVER-95835",
         },
         {
            category: "external",
            summary: "Atlassian Vulnerability CONFSERVER-95834 vom 2024-05-21",
            url: "https://jira.atlassian.com/browse/CONFSERVER-95834",
         },
         {
            category: "external",
            summary: "Poc auf GitHub vom 2024-06-03",
            url: "https://github.com/W01fh4cker/CVE-2024-21683-RCE",
         },
      ],
      source_lang: "en-US",
      title: "Atlassian Confluence: Mehrere Schwachstellen",
      tracking: {
         current_release_date: "2024-06-03T22:00:00.000+00:00",
         generator: {
            date: "2024-08-15T18:09:26.261+00:00",
            engine: {
               name: "BSI-WID",
               version: "1.3.5",
            },
         },
         id: "WID-SEC-W-2024-1210",
         initial_release_date: "2024-05-21T22:00:00.000+00:00",
         revision_history: [
            {
               date: "2024-05-21T22:00:00.000+00:00",
               number: "1",
               summary: "Initiale Fassung",
            },
            {
               date: "2024-06-03T22:00:00.000+00:00",
               number: "2",
               summary: "PoC aufgenommen",
            },
         ],
         status: "final",
         version: "2",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "<8.9.0",
                        product: {
                           name: "Atlassian Confluence <8.9.0",
                           product_id: "T034974",
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "<8.5.9",
                        product: {
                           name: "Atlassian Confluence <8.5.9",
                           product_id: "T034975",
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "<7.19.22",
                        product: {
                           name: "Atlassian Confluence <7.19.22",
                           product_id: "T034976",
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "<8.9.1",
                        product: {
                           name: "Atlassian Confluence <8.9.1",
                           product_id: "T034977",
                        },
                     },
                  ],
                  category: "product_name",
                  name: "Confluence",
               },
            ],
            category: "vendor",
            name: "Atlassian",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2024-1597",
         notes: [
            {
               category: "description",
               text: "In Atlassian Confluence existieren mehrere Schwachstellen. Einer dieser Fehler besteht im PostgreSQL JDBC-Treiber im Nicht-Standardmodus und ermöglicht eine SQL-Injection. Zurzeit gibt es keine weiteren Informationen über die andere Scwachstelle. Ein entfernter, anonymer Angreifer kann diese Schwachstellen zur Ausführung von beliebigem Code ausnutzen.",
            },
         ],
         release_date: "2024-05-21T22:00:00.000+00:00",
         title: "CVE-2024-1597",
      },
      {
         cve: "CVE-2024-21683",
         notes: [
            {
               category: "description",
               text: "In Atlassian Confluence existieren mehrere Schwachstellen. Einer dieser Fehler besteht im PostgreSQL JDBC-Treiber im Nicht-Standardmodus und ermöglicht eine SQL-Injection. Zurzeit gibt es keine weiteren Informationen über die andere Scwachstelle. Ein entfernter, anonymer Angreifer kann diese Schwachstellen zur Ausführung von beliebigem Code ausnutzen.",
            },
         ],
         release_date: "2024-05-21T22:00:00.000+00:00",
         title: "CVE-2024-21683",
      },
      {
         cve: "CVE-2024-23672",
         notes: [
            {
               category: "description",
               text: "In Atlassian Confluence existieren mehrere Schwachstellen in der Apache Tomcat Komponente. Diese bestehen aufgrund unsachgemäßer Eingabevalidierung bzw. -bereinigung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen.",
            },
         ],
         release_date: "2024-05-21T22:00:00.000+00:00",
         title: "CVE-2024-23672",
      },
      {
         cve: "CVE-2024-24549",
         notes: [
            {
               category: "description",
               text: "In Atlassian Confluence existieren mehrere Schwachstellen in der Apache Tomcat Komponente. Diese bestehen aufgrund unsachgemäßer Eingabevalidierung bzw. -bereinigung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen.",
            },
         ],
         release_date: "2024-05-21T22:00:00.000+00:00",
         title: "CVE-2024-24549",
      },
      {
         cve: "CVE-2023-45859",
         notes: [
            {
               category: "description",
               text: "Es besteht eine Schwachstelle in Atlassian Confluence. Diese Schwachstelle betrifft Hazelcast aufgrund einer unsachgemäßen Berechtigungsprüfung. Ein entfernter, authentifizierter Angreifer kann diese Schwachstelle ausnutzen, um im Cluster gespeicherte Daten offenzulegen.",
            },
         ],
         release_date: "2024-05-21T22:00:00.000+00:00",
         title: "CVE-2023-45859",
      },
   ],
}

WID-SEC-W-2024-1210

Vulnerability from csaf_certbund

Published

2024-05-21 22:00

Modified

2024-06-03 22:00

Summary

Atlassian Confluence: Mehrere Schwachstellen

Notes

Produktbeschreibung

Confluence ist eine kommerzielle Wiki-Software.

Angriff

Betroffene Betriebssysteme

- Sonstiges - UNIX - Windows

JSON

To clipboard

{
   document: {
      aggregate_severity: {
         text: "hoch",
      },
      category: "csaf_base",
      csaf_version: "2.0",
      distribution: {
         tlp: {
            label: "WHITE",
            url: "https://www.first.org/tlp/",
         },
      },
      lang: "de-DE",
      notes: [
         {
            category: "legal_disclaimer",
            text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.",
         },
         {
            category: "description",
            text: "Confluence ist eine kommerzielle Wiki-Software.",
            title: "Produktbeschreibung",
         },
         {
            category: "summary",
            text: "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Atlassian Confluence ausnutzen, um beliebigen Programmcode auszuführen, um vertrauliche Informationen offenzulegen und um einen Denial-of-Service-Zustand zu erzeugen.",
            title: "Angriff",
         },
         {
            category: "general",
            text: "- Sonstiges\n- UNIX\n- Windows",
            title: "Betroffene Betriebssysteme",
         },
      ],
      publisher: {
         category: "other",
         contact_details: "csaf-provider@cert-bund.de",
         name: "Bundesamt für Sicherheit in der Informationstechnik",
         namespace: "https://www.bsi.bund.de",
      },
      references: [
         {
            category: "self",
            summary: "WID-SEC-W-2024-1210 - CSAF Version",
            url: "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1210.json",
         },
         {
            category: "self",
            summary: "WID-SEC-2024-1210 - Portal Version",
            url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1210",
         },
         {
            category: "external",
            summary: "Atlassian Security Bulletin May 2024 vom 2024-05-21",
            url: "https://confluence.atlassian.com/security/security-bulletin-may-21-2024-1387867145.html",
         },
         {
            category: "external",
            summary: "Atlassian Vulnerability CONFSERVER-95839 vom 2024-05-21",
            url: "https://jira.atlassian.com/browse/CONFSERVER-95839",
         },
         {
            category: "external",
            summary: "Atlassian Vulnerability CONFSERVER-95837 vom 2024-05-21",
            url: "https://jira.atlassian.com/browse/CONFSERVER-95837",
         },
         {
            category: "external",
            summary: "Atlassian Vulnerability CONFSERVER-95832 vom 2024-05-21",
            url: "https://jira.atlassian.com/browse/CONFSERVER-95832",
         },
         {
            category: "external",
            summary: "Atlassian Vulnerability CONFSERVER-95835 vom 2024-05-21",
            url: "https://jira.atlassian.com/browse/CONFSERVER-95835",
         },
         {
            category: "external",
            summary: "Atlassian Vulnerability CONFSERVER-95834 vom 2024-05-21",
            url: "https://jira.atlassian.com/browse/CONFSERVER-95834",
         },
         {
            category: "external",
            summary: "Poc auf GitHub vom 2024-06-03",
            url: "https://github.com/W01fh4cker/CVE-2024-21683-RCE",
         },
      ],
      source_lang: "en-US",
      title: "Atlassian Confluence: Mehrere Schwachstellen",
      tracking: {
         current_release_date: "2024-06-03T22:00:00.000+00:00",
         generator: {
            date: "2024-08-15T18:09:26.261+00:00",
            engine: {
               name: "BSI-WID",
               version: "1.3.5",
            },
         },
         id: "WID-SEC-W-2024-1210",
         initial_release_date: "2024-05-21T22:00:00.000+00:00",
         revision_history: [
            {
               date: "2024-05-21T22:00:00.000+00:00",
               number: "1",
               summary: "Initiale Fassung",
            },
            {
               date: "2024-06-03T22:00:00.000+00:00",
               number: "2",
               summary: "PoC aufgenommen",
            },
         ],
         status: "final",
         version: "2",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "<8.9.0",
                        product: {
                           name: "Atlassian Confluence <8.9.0",
                           product_id: "T034974",
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "<8.5.9",
                        product: {
                           name: "Atlassian Confluence <8.5.9",
                           product_id: "T034975",
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "<7.19.22",
                        product: {
                           name: "Atlassian Confluence <7.19.22",
                           product_id: "T034976",
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "<8.9.1",
                        product: {
                           name: "Atlassian Confluence <8.9.1",
                           product_id: "T034977",
                        },
                     },
                  ],
                  category: "product_name",
                  name: "Confluence",
               },
            ],
            category: "vendor",
            name: "Atlassian",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2024-1597",
         notes: [
            {
               category: "description",
               text: "In Atlassian Confluence existieren mehrere Schwachstellen. Einer dieser Fehler besteht im PostgreSQL JDBC-Treiber im Nicht-Standardmodus und ermöglicht eine SQL-Injection. Zurzeit gibt es keine weiteren Informationen über die andere Scwachstelle. Ein entfernter, anonymer Angreifer kann diese Schwachstellen zur Ausführung von beliebigem Code ausnutzen.",
            },
         ],
         release_date: "2024-05-21T22:00:00.000+00:00",
         title: "CVE-2024-1597",
      },
      {
         cve: "CVE-2024-21683",
         notes: [
            {
               category: "description",
               text: "In Atlassian Confluence existieren mehrere Schwachstellen. Einer dieser Fehler besteht im PostgreSQL JDBC-Treiber im Nicht-Standardmodus und ermöglicht eine SQL-Injection. Zurzeit gibt es keine weiteren Informationen über die andere Scwachstelle. Ein entfernter, anonymer Angreifer kann diese Schwachstellen zur Ausführung von beliebigem Code ausnutzen.",
            },
         ],
         release_date: "2024-05-21T22:00:00.000+00:00",
         title: "CVE-2024-21683",
      },
      {
         cve: "CVE-2024-23672",
         notes: [
            {
               category: "description",
               text: "In Atlassian Confluence existieren mehrere Schwachstellen in der Apache Tomcat Komponente. Diese bestehen aufgrund unsachgemäßer Eingabevalidierung bzw. -bereinigung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen.",
            },
         ],
         release_date: "2024-05-21T22:00:00.000+00:00",
         title: "CVE-2024-23672",
      },
      {
         cve: "CVE-2024-24549",
         notes: [
            {
               category: "description",
               text: "In Atlassian Confluence existieren mehrere Schwachstellen in der Apache Tomcat Komponente. Diese bestehen aufgrund unsachgemäßer Eingabevalidierung bzw. -bereinigung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen.",
            },
         ],
         release_date: "2024-05-21T22:00:00.000+00:00",
         title: "CVE-2024-24549",
      },
      {
         cve: "CVE-2023-45859",
         notes: [
            {
               category: "description",
               text: "Es besteht eine Schwachstelle in Atlassian Confluence. Diese Schwachstelle betrifft Hazelcast aufgrund einer unsachgemäßen Berechtigungsprüfung. Ein entfernter, authentifizierter Angreifer kann diese Schwachstelle ausnutzen, um im Cluster gespeicherte Daten offenzulegen.",
            },
         ],
         release_date: "2024-05-21T22:00:00.000+00:00",
         title: "CVE-2023-45859",
      },
   ],
}

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

Vulnerability from cvelistv5

Vulnerability from github

Vulnerability from csaf_ncscnl

Vulnerability from csaf_ncscnl

Vulnerability from gsd

Vulnerability from fkie_nvd

Vulnerability from csaf_certbund

Vulnerability from csaf_certbund

Tags

Sightings

Nomenclature