High Severity Injection Vulnerability Affects Confluence Data Center
CVE-2024-21676

8.8HIGH

Key Information:

Vendor

Atlassian
Status
Confluence Data Center
Vendor
CVE Published:
16 April 2024

What is CVE-2024-21676?

A recent publication regarding a vulnerability in Atlassian software products has been retracted, citing reasons suggesting it may have been a false positive or error. This incident highlights the importance of vigilant assessment and verification within cybersecurity frameworks to ensure accurate threat identification. Stakeholders are encouraged to stay informed about updates from Atlassian and to continuously evaluate their security measures in light of new findings.

Affected Version(s)

Confluence Data Center >= 7.10.0 < 7.10.0

Confluence Data Center >= 7.11.0 >= 7.11.0

Confluence Data Center >= 7.12.0 >= 7.12.0

References

https://jira.atlassian.com/rest/api/2/issue/2005000

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

l3yx
.