High Severity Path Traversal Vulnerability Affects Confluence Data Center, Upgrade Recommended
CVE-2024-21677

8.8HIGH

Key Information:

Vendor

Atlassian
Status
Confluence Data Center
Vendor
CVE Published:
19 March 2024

Badges

📰 News Worthy

What is CVE-2024-21677?

The CVE-2024-21677 is a high severity Path Traversal vulnerability affecting Atlassian's Confluence Data Center and Server. It was introduced in version 6.13.0 and has a CVSS score of 8.3. The vulnerability allows an unauthenticated attacker to exploit it, impacting confidentiality, integrity, and availability. Atlassian recommends upgrading to the latest version or to a supported fixed version to address this vulnerability. There is no indication of exploitation by ransomware groups at this time.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Confluence Data Center >= 6.13.0 < 6.13.0

Confluence Data Center >= 7.19.0 >= 7.19.0

Confluence Data Center >= 7.20.0 >= 7.20.0

News Articles

References

https://confluence.atlassian.com/pages/viewpage.action?pa...
https://jira.atlassian.com/browse/CONFSERVER-94604

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

CVSS V3.0

Score:
8.3
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • 📰

    First article discovered by 安全内参

  • Vulnerability published

  • Vulnerability Reserved

JSON
.