CVE-2024-4068
This High severity vulnerability known as CVE-2024-4068 was introduced in 3.0.2, 8.19.0, 8.19.1, 8.19.2, 8.19.3, 8.19.4, 8.19.5, 8.19.6, 8.19.7, 8.19.8, 8.19.9, 8.19.10, 8.19.11 of Bitbucket Data Center and Server. This vulnerability with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Atlassian recommends that Bitbucket Data Center and Server customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions: * Bitbucket Data Center and Server 8.19: Upgrade to a release greater than or equal to 8.19.25 See the release notes. You can download the latest version of Bitbucket Data Center and Server from the download center.
EPSS 0.27% · 51.2th percentile
Risk Scores
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Atlassian | Bitbucket Data Center | |
| AWS | connect | |
| Atlassian | Bitbucket Server |
Exploit Intelligence
- https://github.com/micromatch/braces/pull/37 (nist-nvd)
- cve-2023-22527-yara.yar (github-yara)
- cve-2023-22527-yara.yar (github-yara)
- cve-2023-22527-yara.yar (github-yara)
- cve-2023-22527-yara.yar (github-yara)
- cve-2023-22527-yara.yar (github-yara)
- cve-2023-22527-yara.yar (github-yara)
- cve-2023-22527-yara.yar (github-yara)
- cve-2023-22527-yara.yar (github-yara)
- cve-2023-22527-yara.yar (github-yara)
…and 36 more exploits
Timeline
- Feb 8, 2024 PoC Published
- May 13, 2024 CVE Published
- May 14, 2024 EPSS Score
- Jun 7, 2024 EPSS Score
- Jul 1, 2024 EPSS Score
- Aug 18, 2024 EPSS Score
- Sep 11, 2024 EPSS Score
- Oct 4, 2024 Coalition ESS Score
- Oct 5, 2024 EPSS Score
- Oct 29, 2024 EPSS Score
- Nov 6, 2024 CVE Updated
- Dec 17, 2024 EPSS Score