CVE-2024-29415 — Vulnetix

CVE-2024-29415 PUBLISHED CVSS 8.100000381469727 HIGH

This High severity vulnerability known as CVE-2024-29415 was introduced in 8.19.0, 8.19.1, 8.19.2, 8.19.3, 8.19.4, 8.19.5, 8.19.6, 8.19.7, 8.19.8, 8.19.9, 8.19.10, 8.19.11, 8.19.12, 8.19.13, 8.19.14, 8.19.15 of Bitbucket Data Center and Server. This vulnerability with a CVSS Score of 8.1 and a CVSS Vector of CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Atlassian recommends that Bitbucket Data Center and Server customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions: * Bitbucket Data Center and Server 8.19: Upgrade to a release greater than or equal to 8.19.25 See the release notes. You can download the latest version of Bitbucket Data Center and Server from the download center.

EPSS 84.60% · 99.3th percentile

Risk Scores

CVSS v3.1

8.100000381469727

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score

84.60%

99.3th percentile

Affected Products

Vendor	Product	Versions
Atlassian	Bitbucket Server
Atlassian	Confluence Server
Atlassian	Confluence Data Center
Atlassian	Bitbucket Data Center

Timeline

May 27, 2024 CVE Published
Oct 4, 2024 Coalition ESS Score
Oct 16, 2024 Coalition ESS Score
Nov 24, 2024 Coalition ESS Score
Jan 24, 2025 Coalition ESS Score
Feb 13, 2025 CVE Updated
Feb 14, 2025 EPSS Score
Mar 14, 2025 EPSS Score
Mar 17, 2025 EPSS Score
Mar 20, 2025 EPSS Score
Mar 27, 2025 EPSS Score
Mar 29, 2025 EPSS Score

References

Open in Interactive Console →