High Severity Injection Vulnerability Affects Confluence Data Center
CVE-2024-21676

8.8HIGH

Key Information:

Vendor: Atlassian
Status: Confluence Data Center
Vendor: CVE Published:; 16 April 2024

Summary

A recent publication regarding a vulnerability in Atlassian software products has been retracted, citing reasons suggesting it may have been a false positive or error. This incident highlights the importance of vigilant assessment and verification within cybersecurity frameworks to ensure accurate threat identification. Stakeholders are encouraged to stay informed about updates from Atlassian and to continuously evaluate their security measures in light of new findings.

Affected Version(s)

Confluence Data Center >= 7.10.0 < 7.10.0

Confluence Data Center >= 7.11.0 >= 7.11.0

Confluence Data Center >= 7.12.0 >= 7.12.0

References

https://jira.atlassian.com/rest/api/2/issue/2005000

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Apr 16, 2024
Vulnerability Reserved
Jan 1, 2024

Credit

l3yx