Skip to content

Commit

Permalink
78 changes (77 new | 1 updated):
Browse files Browse the repository at this point in the history 
      - 77 new CVEs:  CVE-2024-21675, CVE-2024-21679, CVE-2024-21688, CVE-2024-21691, CVE-2024-21692, CVE-2024-21693, CVE-2024-21694, CVE-2024-21695, CVE-2024-21696, CVE-2024-21701, CVE-2024-21702, CVE-2024-21704, CVE-2024-21705, CVE-2024-21708, CVE-2024-21709, CVE-2024-21710, CVE-2024-21711, CVE-2024-21712, CVE-2024-21713, CVE-2024-21714, CVE-2024-21715, CVE-2024-21716, CVE-2024-21717, CVE-2024-21718, CVE-2024-21719, CVE-2024-21720, CVE-2024-21721, CVE-2024-23389, CVE-2024-23390, CVE-2024-23391, CVE-2024-23392, CVE-2024-23393, CVE-2024-23394, CVE-2024-23395, CVE-2024-23396, CVE-2024-23397, CVE-2024-23398, CVE-2024-23399, CVE-2024-23400, CVE-2024-23401, CVE-2024-23402, CVE-2024-23403, CVE-2024-23404, CVE-2024-23405, CVE-2024-23406, CVE-2024-23407, CVE-2024-23408, CVE-2024-23409, CVE-2024-23410, CVE-2024-23411, CVE-2024-23412, CVE-2024-23413, CVE-2024-23414, CVE-2024-23415, CVE-2024-23416, CVE-2024-23417, CVE-2024-23418, CVE-2024-23419, CVE-2024-23420, CVE-2024-23421, CVE-2024-23422, CVE-2024-23423, CVE-2024-23424, CVE-2024-23425, CVE-2024-23426, CVE-2024-23427, CVE-2024-23428, CVE-2024-23429, CVE-2024-23430, CVE-2024-23431, CVE-2024-23432, CVE-2024-23433, CVE-2024-23434, CVE-2024-23435, CVE-2024-23436, CVE-2024-23437, CVE-2024-23438
      - 1 updated CVEs: CVE-2024-21683
  • Loading branch information
cvelistV5 Github Action committed Jan 1, 2025
1 parent 5e80c2d commit 2ac1a51
Show file tree
Hide file tree
Showing 80 changed files with 2,958 additions and 948 deletions.
28 changes: 28 additions & 0 deletions cves/2024/21xxx/CVE-2024-21675.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
{
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"cveMetadata": {
"cveId": "CVE-2024-21675",
"assignerOrgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
"state": "REJECTED",
"dateReserved": "2024-01-01T00:05:33.846Z",
"dateUpdated": "2025-01-01T00:00:22.634Z",
"dateRejected": "2025-01-01T00:00:22.634Z",
"assignerShortName": "atlassian"
},
"containers": {
"cna": {
"providerMetadata": {
"orgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
"shortName": "atlassian",
"dateUpdated": "2025-01-01T00:00:22.634Z"
},
"rejectedReasons": [
{
"lang": "en-US",
"value": "To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used."
}
]
}
}
}
28 changes: 28 additions & 0 deletions cves/2024/21xxx/CVE-2024-21679.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
{
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"cveMetadata": {
"cveId": "CVE-2024-21679",
"assignerOrgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
"state": "REJECTED",
"dateReserved": "2024-01-01T00:05:33.846Z",
"dateUpdated": "2025-01-01T00:00:19.527Z",
"dateRejected": "2025-01-01T00:00:19.527Z",
"assignerShortName": "atlassian"
},
"containers": {
"cna": {
"providerMetadata": {
"orgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
"shortName": "atlassian",
"dateUpdated": "2025-01-01T00:00:19.527Z"
},
"rejectedReasons": [
{
"lang": "en-US",
"value": "To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used."
}
]
}
}
}
283 changes: 8 additions & 275 deletions cves/2024/21xxx/CVE-2024-21683.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,293 +4,26 @@
"cveMetadata": {
"cveId": "CVE-2024-21683",
"assignerOrgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
"state": "PUBLISHED",
"state": "REJECTED",
"assignerShortName": "atlassian",
"dateReserved": "2024-01-01T00:05:33.846Z",
"datePublished": "2024-05-21T23:00:00.446Z",
"dateUpdated": "2024-08-01T22:27:35.803Z"
"dateUpdated": "2025-01-01T00:00:18.301Z",
"dateRejected": "2025-01-01T00:00:18.301Z"
},
"containers": {
"cna": {
"affected": [
"rejectedReasons": [
{
"vendor": "Atlassian",
"product": "Confluence Data Center",
"versions": [
{
"version": "8.9.0",
"status": "affected"
},
{
"version": "8.8.0 to 8.8.1",
"status": "affected"
},
{
"version": "8.7.1 to 8.7.2",
"status": "affected"
},
{
"version": "8.6.0 to 8.6.2",
"status": "affected"
},
{
"version": "8.5.0 to 8.5.8",
"status": "affected"
},
{
"version": "8.4.0 to 8.4.5",
"status": "affected"
},
{
"version": "8.3.0 to 8.3.4",
"status": "affected"
},
{
"version": "8.2.0 to 8.2.3",
"status": "affected"
},
{
"version": "8.1.0 to 8.1.4",
"status": "affected"
},
{
"version": "8.0.0 to 8.0.4",
"status": "affected"
},
{
"version": "7.20.0 to 7.20.3",
"status": "affected"
},
{
"version": "7.19.0 to 7.19.21",
"status": "affected"
},
{
"version": "8.9.1 to 8.9.2",
"status": "unaffected"
},
{
"version": "8.5.9 to 8.5.10",
"status": "unaffected"
},
{
"version": "7.19.22 to 7.19.23",
"status": "unaffected"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "This High severity RCE (Remote Code Execution) vulnerability was introduced in version 5.2 of Confluence Data Center and Server.\n\nThis RCE (Remote Code Execution) vulnerability, with a CVSS Score of 7.2, allows an authenticated attacker to execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires no user interaction. \n\nAtlassian recommends that Confluence Data Center and Server customers upgrade to latest version. If you are unable to do so, upgrade your instance to one of the specified supported fixed versions. See the release notes https://confluence.atlassian.com/doc/confluence-release-notes-327.html\n\nYou can download the latest version of Confluence Data Center and Server from the download center https://www.atlassian.com/software/confluence/download-archives.\n\nThis vulnerability was found internally."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "RCE (Remote Code Execution)",
"lang": "en",
"type": "RCE (Remote Code Execution)"
}
]
}
],
"references": [
{
"url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1387867145"
},
{
"url": "https://jira.atlassian.com/browse/CONFSERVER-95832"
}
],
"credits": [
{
"lang": "en",
"value": "Atlassian"
"lang": "en-US",
"value": "This CVE's publication may have been a false positive or a mistake. As a result, we have rejected this record."
}
],
"providerMetadata": {
"orgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
"shortName": "atlassian",
"dateUpdated": "2024-06-10T17:30:00.572Z"
}
},
"adp": [
{
"title": "CISA ADP Vulnrichment",
"metrics": [
{
"cvssV3_1": {
"scope": "UNCHANGED",
"version": "3.1",
"baseScore": 8.8,
"attackVector": "NETWORK",
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"integrityImpact": "HIGH",
"userInteraction": "REQUIRED",
"attackComplexity": "LOW",
"availabilityImpact": "HIGH",
"privilegesRequired": "NONE",
"confidentialityImpact": "HIGH"
}
},
{
"other": {
"type": "ssvc",
"content": {
"timestamp": "2024-07-19T00:00:00+00:00",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"version": "2.0.3",
"id": "CVE-2024-21683"
}
}
}
],
"affected": [
{
"cpes": [
"cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*"
],
"vendor": "atlassian",
"product": "confluence_data_center",
"versions": [
{
"status": "affected",
"version": "8.9.0"
},
{
"status": "affected",
"version": "8.8.0",
"versionType": "custom",
"lessThanOrEqual": "8.8.1"
},
{
"status": "affected",
"version": "8.7.1",
"versionType": "custom",
"lessThanOrEqual": "8.7.2"
},
{
"status": "affected",
"version": "8.6.0",
"versionType": "custom",
"lessThanOrEqual": "8.6.2"
},
{
"status": "affected",
"version": "8.5.0",
"versionType": "custom",
"lessThanOrEqual": "8.5.8"
},
{
"status": "affected",
"version": "8.4.0",
"versionType": "custom",
"lessThanOrEqual": "8.4.5"
},
{
"status": "affected",
"version": "8.3.0",
"versionType": "custom",
"lessThanOrEqual": "8.3.4"
},
{
"status": "affected",
"version": "8.2.0",
"versionType": "custom",
"lessThanOrEqual": "8.2.3"
},
{
"status": "affected",
"version": "8.1.0",
"versionType": "custom",
"lessThanOrEqual": "8.1.4"
},
{
"status": "affected",
"version": "8.0.0",
"versionType": "custom",
"lessThanOrEqual": "8.0.4"
},
{
"status": "affected",
"version": "7.20.0",
"versionType": "custom",
"lessThanOrEqual": "7.20.3"
},
{
"status": "affected",
"version": "7.19.0",
"versionType": "custom",
"lessThanOrEqual": "7.1921"
},
{
"status": "affected",
"version": "8.9.1"
},
{
"status": "affected",
"version": "8.5.9"
},
{
"status": "affected",
"version": "7.19.22"
}
],
"defaultStatus": "affected"
}
],
"providerMetadata": {
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP",
"dateUpdated": "2024-07-20T03:55:33.558Z"
}
},
{
"providerMetadata": {
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE",
"dateUpdated": "2024-08-01T22:27:35.803Z"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://packetstormsecurity.com/files/179507"
},
{
"url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1387867145",
"tags": [
"x_transferred"
]
},
{
"url": "https://jira.atlassian.com/browse/CONFSERVER-95832",
"tags": [
"x_transferred"
]
}
],
"title": "CVE Program Container",
"x_generator": {
"engine": "ADPogram 0.0.1"
}
"dateUpdated": "2025-01-01T00:00:18.301Z"
}
]
}
}
}
28 changes: 28 additions & 0 deletions cves/2024/21xxx/CVE-2024-21688.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
{
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"cveMetadata": {
"cveId": "CVE-2024-21688",
"assignerOrgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
"state": "REJECTED",
"dateReserved": "2024-01-01T00:05:33.847Z",
"dateUpdated": "2025-01-01T00:00:21.520Z",
"dateRejected": "2025-01-01T00:00:21.520Z",
"assignerShortName": "atlassian"
},
"containers": {
"cna": {
"providerMetadata": {
"orgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
"shortName": "atlassian",
"dateUpdated": "2025-01-01T00:00:21.520Z"
},
"rejectedReasons": [
{
"lang": "en-US",
"value": "To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used."
}
]
}
}
}
Loading

0 comments on commit 2ac1a51

Please sign in to comment.