{"vulnerability": "cve-2024-2168", "sightings": [{"uuid": "9ccbeef0-50cb-46f5-9517-e23a9c29a23c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21688", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lenbtn26b32f", "content": "", "creation_timestamp": "2025-01-01T00:15:59.743644Z"}, {"uuid": "26eff177-be3b-4878-a733-00f307346138", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:46.000000Z"}, {"uuid": "8fffa5ce-171b-4e95-95bf-6d7bc1f4cb38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-07)", "content": "", "creation_timestamp": "2024-11-07T00:00:00.000000Z"}, {"uuid": "96e4b120-3e0f-45ca-bb85-42d73f708045", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:11:00.000000Z"}, {"uuid": "2da44c94-1ffb-4ec9-9853-ae0e84fbe86a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:02.000000Z"}, {"uuid": "68cc4505-f453-406b-bffd-7b0b4e62cfdc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-03-06)", "content": "", "creation_timestamp": "2025-03-06T00:00:00.000000Z"}, {"uuid": "28fb92ef-8a25-40c2-893c-82d75fc5cb23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-10-01)", "content": "", "creation_timestamp": "2025-10-01T00:00:00.000000Z"}, {"uuid": "3fa781fd-a70e-4fe9-b260-6ee1463be338", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-07-23)", "content": "", "creation_timestamp": "2025-07-23T00:00:00.000000Z"}, {"uuid": "6987c7be-ee91-4e77-ad5c-80825d578fc6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-09-18)", "content": "", "creation_timestamp": "2025-09-18T00:00:00.000000Z"}, {"uuid": "02867e58-09a3-4e16-b1c5-5b0b7a5f6c6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-10-02)", "content": "", "creation_timestamp": "2025-10-02T00:00:00.000000Z"}, {"uuid": "8ae2cef0-a399-4a5f-a1d5-e69232f91a01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/atlassian_confluence_rce_cve_2024_21683.rb", "content": "", "creation_timestamp": "2024-07-11T01:50:17.000000Z"}, {"uuid": "da3d6c78-f26a-4a9f-808e-14d39a52f122", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-21683", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/fdda4963-0aa7-4d15-8a8f-969db8f304ca", "content": "", "creation_timestamp": "2025-02-28T23:49:13.272798Z"}, {"uuid": "882d3ec7-002e-4d5a-9030-b49c22ed900c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-01-19)", "content": "", "creation_timestamp": "2026-01-19T00:00:00.000000Z"}, {"uuid": "12bf3ada-925c-4d68-a1c0-cd36a69bcafd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21689", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/10795", "content": "\u200aCVE-2024-21689: RCE Vulnerability in Atlassian Bamboo Data Center and Server\n\nhttps://securityonline.info/cve-2024-21689-rce-vulnerability-in-atlassian-bamboo-data-center-and-server/", "creation_timestamp": "2024-08-21T12:52:52.000000Z"}, {"uuid": "c8848636-d294-428a-be11-84049981d688", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "Telegram/DUOmhe_CxjvkwL3TRLD9AHWimRROdd1NSsdzANkcr07CMN0", "content": "", "creation_timestamp": "2025-06-09T13:55:03.000000Z"}, {"uuid": "2882de69-83e4-41fa-9301-cd162629f76d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21689", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8341", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024\u201321689 RCE Bamboo Data Center and Server Atlassian POC\nURL\uff1ahttps://github.com/salvadornakamura/CVE-2024-21689\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-08-23T17:41:58.000000Z"}, {"uuid": "c6c40456-2030-4635-916a-1289b395db3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21689", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8340", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024\u201321689 RCE Bamboo Data Center and Server Atlassian\nURL\uff1ahttps://github.com/MrTwizztR/CVE-2024-21689\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-08-23T17:41:35.000000Z"}, {"uuid": "576454a6-07d9-4381-869a-05959fb41e23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7391", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-21683 Post Auth RCE\nURL\uff1ahttps://github.com/W01fh4cker/CVE-2024-21683-RCE\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-05-23T09:14:49.000000Z"}, {"uuid": "693576e3-0268-45d4-85a3-2ca95444b823", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9240", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-21683 Confluence Post Auth RCE\nURL\uff1ahttps://github.com/XiaomingX/cve-2024-21683-rce\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-11-29T13:30:34.000000Z"}, {"uuid": "a6165ba9-5bc8-457f-ab81-c771ca0ceb8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "https://t.me/ap_security/554", "content": "#cve #poc\n\n\ud83d\udd77CVE-2024-21683: Confluence Data Center RCE\n\n\u042d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0435 Confluence.  \u0411\u0430\u0433 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0438\u0437-\u0437\u0430 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u043e\u0433\u043e \u0432\u0432\u043e\u0434\u0430 \u0432 Confluence REST API. \u042d\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u043d\u0435\u0434\u0440\u0438\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440 Confluence\n\nProof-Of-Concept", "creation_timestamp": "2024-05-23T05:56:34.000000Z"}, {"uuid": "1a0c1cb0-4730-4c08-b5d3-07763d39a07a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7384", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1achained Exploit to achieve unauthenticated RCE on confluence data center and server using the CVE-2024-21683 as RCE and undisclosed auth bypass.\nURL\uff1ahttps://github.com/Arbeys/CVE-2024-21683-PoC\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-05-22T21:57:01.000000Z"}, {"uuid": "d6ad971f-213e-474f-899e-357116105cca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7383", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aPPPwn for webOS TVs - PlayStation 4 PPPoE RCE\nURL\uff1ahttps://github.com/absholi7ly/-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-05-22T19:45:13.000000Z"}, {"uuid": "5ddd1acf-71fc-4857-8b29-ab669e0acf56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "https://t.me/information_security_channel/53714", "content": "CVE-2024-21683 \u2013 Authenticated RCE via \u201cAdd a New Language\u201d in Atlassian Confluence\nhttps://www.offsec.com/blog/cve-2024-21683/\n\nCritical RCE vulnerability (CVE-2024-21683) in Atlassian Confluence Data Center and Server (v5.2\u20138.9.0) allows authenticated users to execute arbitrary code via malicious code macros.\nThe post CVE-2024-21683 \u2013 Authenticated RCE via \u201cAdd a New Language\u201d in Atlassian Confluence (https://www.offsec.com/blog/cve-2024-21683/) appeared first on OffSec (https://www.offsec.com/).", "creation_timestamp": "2025-06-12T21:53:45.000000Z"}, {"uuid": "6077d23b-a3dd-4918-8e87-e9c4a38d6ed0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "https://t.me/hydral0gs/2709", "content": "CVE-2024-21683 Authenticated Remote Code Execution in Atlassian Confluence\n\nRead: https://realalphaman.substack.com/p/quick-note-about-cve-2024-21683-authenticated", "creation_timestamp": "2024-05-23T18:21:21.000000Z"}, {"uuid": "97857609-3410-4da5-9ed0-cb3e63d8ff25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "https://t.me/bizone_channel/1240", "content": "\ud83e\udd65 Confluence \u0441\u043d\u043e\u0432\u0430 \u043f\u043e\u0434 \u043f\u0440\u0438\u0446\u0435\u043b\u043e\u043c \u2014 BI.ZONE WAF \u0441\u043f\u0435\u0448\u0438\u0442 \u043d\u0430 \u043f\u043e\u043c\u043e\u0449\u044c\n\nConfluence \u2014 \u0432 \u0442\u043e\u043f\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439, \u043f\u0440\u0438\u0432\u043b\u0435\u043a\u0430\u044e\u0449\u0438\u0445 \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432: \u043d\u0430 \u043d\u0435\u0433\u043e \u043f\u0440\u0438\u0445\u043e\u0434\u0438\u0442\u0441\u044f 21% \u0432\u0435\u0431-\u0430\u0442\u0430\u043a \u043f\u043e \u0438\u0442\u043e\u0433\u0430\u043c \u043f\u0435\u0440\u0432\u043e\u0439 \u0442\u0440\u0435\u0442\u0438 2024 \u0433\u043e\u0434\u0430. \n\n\u041d\u0435\u0434\u0430\u0432\u043d\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u0430\u044f \u043e\u0448\u0438\u0431\u043a\u0430 \u0432 \u043b\u043e\u0433\u0438\u043a\u0435 \u0440\u0430\u0431\u043e\u0442\u044b \u0432\u0435\u0431-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0435\u0440\u0432\u0435\u0440\u0443.\n\n\u0420\u0430\u0441\u0441\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u043c \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u0435\u0435:\n\n\u0427\u0442\u043e \u044d\u0442\u043e \u0437\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c. CVE-2024-21683 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b Confluence Data Center \u0438 Confluence Server. \u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e \u043d\u0435\u0439 \u043f\u043e\u044f\u0432\u0438\u043b\u0430\u0441\u044c 21 \u043c\u0430\u044f, \u0430 \u0443\u0436\u0435 \u043a 23 \u043c\u0430\u044f \u0431\u044b\u043b\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e \u043c\u0438\u043d\u0438\u043c\u0443\u043c 3 \u043f\u0440\u0438\u043c\u0435\u0440\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 (PoC).\n\n\u0427\u0435\u043c \u043e\u043d\u0430 \u043e\u043f\u0430\u0441\u043d\u0430. CVE \u043e\u0446\u0435\u043d\u0438\u043b\u0438 \u0432 8,3 \u0431\u0430\u043b\u043b\u0430 \u0438\u0437 10 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS: \u0434\u043b\u044f RCE-\u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0439 \u0441\u0435\u0440\u0432\u0435\u0440 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0434\u043e\u043b\u0436\u0435\u043d \u0431\u044b\u0442\u044c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d. \u041e\u0434\u043d\u0430\u043a\u043e \u0443\u0436\u0435 \u0441\u0435\u0439\u0447\u0430\u0441 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b 5 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0432\u0435\u043a\u0442\u043e\u0440\u043e\u0432 \u0430\u0442\u0430\u043a, \u0433\u0434\u0435 CVE-2024-21683 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u0441\u0432\u044f\u0437\u043a\u0435 \u0441 \u0442\u0435\u0445\u043d\u0438\u043a\u0430\u043c\u0438 \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\n\u0415\u0441\u0442\u044c \u043b\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 LTS-\u0432\u0435\u0440\u0441\u0438\u044f\u0445 8.5.9 \u0438 7.19.22, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 Confluence Data Center 8.9.1. \u0411\u043e\u043b\u0435\u0435 \u0440\u0430\u043d\u043d\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u043e\u0441\u0442\u0430\u043b\u0438\u0441\u044c \u043f\u043e\u0434 \u0443\u0433\u0440\u043e\u0437\u043e\u0439. \n\n\u041a\u0430\u043a \u043f\u043e\u043c\u043e\u0436\u0435\u0442 BI.ZONE WAF. \u0415\u0441\u043b\u0438 \u0432\u044b \u043d\u0435 \u043c\u043e\u0436\u0435\u0442\u0435 \u0432\u043d\u0435\u0434\u0440\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435, \u043d\u0430\u0448 \u0441\u0435\u0440\u0432\u0438\u0441 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0442 \u043d\u0430\u0434\u0435\u0436\u043d\u0443\u044e \u0437\u0430\u0449\u0438\u0442\u0443 Confluence.\n\n\u041a\u043e\u043c\u0430\u043d\u0434\u0430 BI.ZONE WAF \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043b\u0430 \u043f\u0440\u0430\u0432\u0438\u043b\u043e, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0430\u0435\u0442 \u0441\u0435\u043c\u0430\u043d\u0442\u0438\u043a\u0438 \u044f\u0437\u044b\u043a\u043e\u0432 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0432 \u043f\u0435\u0440\u0435\u0434\u0430\u0432\u0430\u0435\u043c\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c \u0434\u0430\u043d\u043d\u044b\u0445 \u2014 \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, Runtime.getRuntime().exec() \u0432 Java. \u0410\u043d\u043e\u043c\u0430\u043b\u044c\u043d\u044b\u0435 \u0437\u0430\u043f\u0440\u043e\u0441\u044b \u0431\u043b\u043e\u043a\u0438\u0440\u0443\u044e\u0442\u0441\u044f, \u0447\u0442\u043e\u0431\u044b \u043d\u0435 \u0434\u0430\u0442\u044c \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u043c\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0439 \u043a\u043e\u0434 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435.\n\n\u041f\u0440\u0430\u0432\u0438\u043b\u043e \u0443\u0436\u0435 \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u0435\u0442 \u0434\u043b\u044f \u0432\u0441\u0435\u0445, \u043a\u0442\u043e \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u0442 Confluence \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e BI.ZONE WAF.\n\n\u0422\u0430\u043a\u0436\u0435 \u0430\u043d\u0430\u043b\u0438\u0442\u0438\u043a\u0438 BI.ZONE TDR \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043b\u0438 \u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u043a\u043e\u0440\u0440\u0435\u043b\u044f\u0446\u0438\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0442\u044c \u043f\u043e\u0441\u0442\u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.", "creation_timestamp": "2024-05-24T16:00:50.000000Z"}, {"uuid": "89bb961b-afe2-4954-bded-437166e1c074", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21684", "type": "seen", "source": "https://t.me/cvedetector/1585", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-21684 - Bitbucket Data Center Open Redirect Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-21684 \nPublished : July 24, 2024, 6:15 p.m. | 26\u00a0minutes ago \nDescription : There is a low severity open redirect vulnerability within affected versions of Bitbucket Data Center. Versions of Bitbucket DC from 8.0.0 to 8.9.12 and 8.19.0 to 8.19.1 are affected by this vulnerability. It is patched in 8.9.13 and 8.19.2.  \n  \nThis open redirect vulnerability, with a CVSS Score of 3.1 and a CVSS Vector of CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N, allows an unauthenticated attacker to redirect a victim user upon login to Bitbucket Data Center to any arbitrary site which can be utilized for further exploitation which has low impact to confidentiality, no impact to integrity, no impact to availability, and requires user interaction.  \n  \nAtlassian recommends that Bitbucket Data Center customers upgrade to the version. If you are unable to do so, upgrade your instance to one of the  supported fixed versions. \nSeverity: 3.1 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"24 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-24T20:49:57.000000Z"}, {"uuid": "ef487142-9a68-45af-a69c-f9149a82faf9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21689", "type": "seen", "source": "https://t.me/cvedetector/3609", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-21689 - Atlassian Bamboo Data Center Server Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-21689 \nPublished : Aug. 20, 2024, 10:15 a.m. | 35\u00a0minutes ago \nDescription : This High severity RCE (Remote Code Execution) vulnerability CVE-2024-21689\u00a0 was introduced in versions 9.1.0, 9.2.0, 9.3.0, 9.4.0, 9.5.0, and 9.6.0 of Bamboo Data Center and Server.  \n  \nThis RCE (Remote Code Execution) vulnerability, with a CVSS Score of 7.6, allows an authenticated attacker to execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires user interaction.  \n  \nAtlassian recommends that Bamboo Data Center and Server customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions:  \n Bamboo Data Center and Server 9.2: Upgrade to a release greater than or equal to 9.2.17  \n  \n Bamboo Data Center and Server 9.6: Upgrade to a release greater than or equal to 9.6.5  \n  \nSee the release notes ([]). You can download the latest version of Bamboo Data Center and Server from the download center ([]).  \n  \nThis vulnerability was reported via our Bug Bounty program. \nSeverity: 7.6 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-20T12:56:49.000000Z"}, {"uuid": "3cf46ded-407d-4b51-b011-b5f6d78a645f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21687", "type": "seen", "source": "https://t.me/cvedetector/1008", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-21687 - Atlassian Bamboo File Inclusion Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-21687 \nPublished : July 16, 2024, 9:15 p.m. | 31\u00a0minutes ago \nDescription : This High severity File Inclusion vulnerability was introduced in versions 9.0.0, 9.1.0, 9.2.0, 9.3.0, 9.4.0, 9.5.0 and 9.6.0 of Bamboo Data Center and Server.  \n  \nThis File Inclusion vulnerability, with a CVSS Score of 8.1, allows an authenticated attacker to get the application to display the contents of a local file, or execute a different files already stored locally on the server which has high impact to confidentiality, high impact to integrity, no impact to availability, and requires no user interaction.  \n  \nAtlassian recommends that Bamboo Data Center and Server customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions listed on this CVE  \n  \nSee the release notes (). You can download the latest version of Bamboo Data Center and Server from the download center ().  \n  \nThis vulnerability was reported via our Bug Bounty program. \nSeverity: 8.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-16T23:49:00.000000Z"}, {"uuid": "59f87d4c-325c-45f0-90fa-d9c3ba03cf00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21686", "type": "seen", "source": "https://t.me/cvedetector/1005", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-21686 - Atlassian Confluence Stored XSS Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-21686 \nPublished : July 16, 2024, 8:15 p.m. | 41\u00a0minutes ago \nDescription : This High severity Stored XSS vulnerability was introduced in versions 7.13 of Confluence Data Center and Server.  \n  \nThis Stored XSS vulnerability, with a CVSS Score of 7.3, allows an authenticated attacker to execute arbitrary HTML or JavaScript code on a victims browser which has high impact to confidentiality, high impact to integrity, no impact to availability, and requires user interaction.  \n  \nAtlassian recommends that Confluence Data Center and Server customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions listed on this CVE  \n  \nSee the release notes (). You can download the latest version of Confluence Data Center and Server from the download center ().  \n  \nThis vulnerability was reported via our Bug Bounty program. \nSeverity: 7.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-16T22:58:54.000000Z"}, {"uuid": "4df469e3-7e60-4d9b-9b34-0921d28484dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "seen", "source": "https://t.me/HackingInsights/788", "content": "\u200aCVE-2024-21683: Atlassian Patches RCE Flaw in Confluence Data Center and Server\n\nhttps://securityonline.info/cve-2024-21683-atlassian-patches-rce-flaw-in-confluence-data-center-and-server/", "creation_timestamp": "2024-05-22T16:49:37.000000Z"}, {"uuid": "60067299-3cfb-4768-a324-769916ca4eba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21687", "type": "seen", "source": "https://t.me/HackingInsights/6469", "content": "\u200aAtlassian Fixes CVE-2024-21687 & CVE-2024-21686 Vulnerabilities in Bamboo and Confluence\n\nhttps://securityonline.info/atlassian-fixes-cve-2024-21687-cve-2024-21686-vulnerabilities-in-bamboo-and-confluence/", "creation_timestamp": "2024-07-18T10:13:01.000000Z"}, {"uuid": "384697c3-65ed-4f56-b002-18eb621aacbe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21686", "type": "seen", "source": "https://t.me/HackingInsights/6469", "content": "\u200aAtlassian Fixes CVE-2024-21687 & CVE-2024-21686 Vulnerabilities in Bamboo and Confluence\n\nhttps://securityonline.info/atlassian-fixes-cve-2024-21687-cve-2024-21686-vulnerabilities-in-bamboo-and-confluence/", "creation_timestamp": "2024-07-18T10:13:01.000000Z"}, {"uuid": "bbb24ae4-4efc-42fc-8d77-7d5ec293ecc2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21682", "type": "seen", "source": "https://t.me/arpsyndicate/3824", "content": "#ExploitObserverAlert\n\nCVE-2024-21682\n\nDESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-21682. This High severity Injection vulnerability was introduced in Assets Discovery 1.0 - 6.2.0 (all versions).   Assets Discovery, which can be downloaded via Atlassian Marketplace, is a network scanning tool that can be used with or without an agent with Jira Service Management Cloud, Data Center or Server. It detects hardware and software that is connected to your local network and extracts detailed information about each asset. This data can then be imported into Assets in Jira Service Management to help you manage all of the devices and configuration items within your local network.  This Injection vulnerability, with a CVSS Score of 7.2, allows an authenticated attacker to modify the actions taken by a system call which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires no user interaction.  Atlassian recommends that Assets Discovery customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions  See the release notes (https://confluence.atlassian.com/assetapps/assets-discovery-3-2-1-cloud-6-2-1-data_center-1333987182.html). You can download the latest version of Assets Discovery from the Atlassian Marketplace (https://marketplace.atlassian.com/apps/1214668/assets-discovery?hosting=datacenter&tab=installation).  This vulnerability was reported via our Penetration Testing program.", "creation_timestamp": "2024-02-21T14:58:21.000000Z"}, {"uuid": "26b1bc11-f018-4b4a-88f6-1d81d39e9cc4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "https://t.me/tengkorakcybercrewz/9093", "content": "#CVE-2024-21683: #Confluence Data Center #RCE\n\nhttps://github.com/absholi7ly/-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server", "creation_timestamp": "2024-05-29T08:25:38.000000Z"}, {"uuid": "28924f7b-b0f0-4600-b038-01b2ae31ac46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "https://t.me/tengkorakcybercrew/9198", "content": "#CVE-2024-21683: #Confluence Data Center #RCE\n\nhttps://github.com/absholi7ly/-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server", "creation_timestamp": "2024-05-29T08:26:51.000000Z"}, {"uuid": "51321c2d-d62a-4e5d-9627-b06451b8558d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "https://t.me/lcmysecteamch/4499", "content": "https://github.com/absholi7ly/-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server", "creation_timestamp": "2024-05-29T11:57:21.000000Z"}, {"uuid": "05f7459c-81fe-4a89-bed5-e96367415b56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "Telegram/z1ej_dZCcT4CqmtBZlxBnyID80I2736dsSP7we9ggdXGYbc", "content": "", "creation_timestamp": "2024-05-27T10:46:40.000000Z"}, {"uuid": "d19cc343-4eab-4144-bc4e-266069207f7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/169", "content": "Tools - Hackers Factory\n\nCookieKatz\n\nA project that allows operators to dump cookies from Chrome, Edge or Msedgewebview2 directly from the process memory. Chromium based browsers load all their cookies from the on-disk cookie database on startup.\n\n\u2022 Support dumping cookies from Chrome's Incogntio and Edge's In-Private processes\n\u2022 Access cookies of other user's browsers when running elevated\n\u2022 Dump cookies from webview processes\n\u2022 No need to touch on-disk database file\n\u2022 DPAPI keys not needed to decrypt the cookies\n\u2022 Parse cookies offline from a minidump file\n\nhttps://github.com/Meckazin/ChromeKatz\n\nTotalRecall\n\nThis tool extracts and displays data from the Recall feature in Windows 11, providing an easy way to access information about your PC's activity snapshots.\n\nhttps://github.com/xaitax/TotalRecall\n\nsmbclient-ng, a fast and user friendly way to interact with SMB shares. \n\nhttps://github.com/p0dalirius/smbclient-ng\n\nmacOS Malware Collection \n\nhttps://github.com/objective-see/Malware\n\nDocumentation and scripts to properly enable Windows event logs. \n\nhttps://github.com/Yamato-Security/EnableWindowsLogSettings\n\nEDRaser is a powerful tool for remotely deleting access logs, Windows event logs, databases, and other files on remote machines. It offers two modes of operation: automated and manual. \n\nhttps://github.com/SafeBreach-Labs/EDRaser\n\nCVE-2024-21683 Confluence Post Auth RCE \n\nhttps://github.com/W01fh4cker/CVE-2024-21683-RCE?tab=readme-ov-file\n\nThe following query will detect execution of the Rclone command-line program which is related to ransomware exfiltration activity.\n\nhttps://github.com/cyb3rmik3/KQL-threat-hunting-queries/blob/main/02.ThreatDetection/rclone-use-detection.md\n\nA wordlist of API names used for fuzzing web application APIs.\n\nhttps://github.com/Net-hunter121/API-Wordlist\n\nA slightly more fun way to disable windows defender + firewall. (through the WSC api) \n\nhttps://github.com/es3n1n/no-defender\n\n#HackersFactory", "creation_timestamp": "2024-06-17T14:10:28.000000Z"}, {"uuid": "576d826b-ec30-45dc-b1e3-4ab44b30b117", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "https://t.me/tengkorakcybercrewz/1742", "content": "#CVE-2024-21683: #Confluence Data Center #RCE\n\nhttps://github.com/absholi7ly/-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server", "creation_timestamp": "2024-05-29T08:25:38.000000Z"}, {"uuid": "3bb27ab4-7830-4aa6-b4c5-8ac6660db6bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "Telegram/gztBLeHiFLVGngU82zOANxasieCKF4vpHOyTY7sDptXaxLw", "content": "", "creation_timestamp": "2024-05-23T18:07:38.000000Z"}, {"uuid": "df75d7a7-5e77-4dd4-abb9-fb95507fce7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "Telegram/xvA5wY_IY9xuxpVWV2IOO-EbLeQTPzyXdVOh_JVC3vm71ZI", "content": "", "creation_timestamp": "2024-06-26T17:04:06.000000Z"}, {"uuid": "4f51a5e5-f129-4d4d-b9d0-2fd1f17af907", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7921", "content": "Tools - Hackers Factory\n\nCookieKatz\n\nA project that allows operators to dump cookies from Chrome, Edge or Msedgewebview2 directly from the process memory. Chromium based browsers load all their cookies from the on-disk cookie database on startup.\n\n\u2022 Support dumping cookies from Chrome's Incogntio and Edge's In-Private processes\n\u2022 Access cookies of other user's browsers when running elevated\n\u2022 Dump cookies from webview processes\n\u2022 No need to touch on-disk database file\n\u2022 DPAPI keys not needed to decrypt the cookies\n\u2022 Parse cookies offline from a minidump file\n\nhttps://github.com/Meckazin/ChromeKatz\n\nTotalRecall\n\nThis tool extracts and displays data from the Recall feature in Windows 11, providing an easy way to access information about your PC's activity snapshots.\n\nhttps://github.com/xaitax/TotalRecall\n\nsmbclient-ng, a fast and user friendly way to interact with SMB shares. \n\nhttps://github.com/p0dalirius/smbclient-ng\n\nmacOS Malware Collection \n\nhttps://github.com/objective-see/Malware\n\nDocumentation and scripts to properly enable Windows event logs. \n\nhttps://github.com/Yamato-Security/EnableWindowsLogSettings\n\nEDRaser is a powerful tool for remotely deleting access logs, Windows event logs, databases, and other files on remote machines. It offers two modes of operation: automated and manual. \n\nhttps://github.com/SafeBreach-Labs/EDRaser\n\nCVE-2024-21683 Confluence Post Auth RCE \n\nhttps://github.com/W01fh4cker/CVE-2024-21683-RCE?tab=readme-ov-file\n\nThe following query will detect execution of the Rclone command-line program which is related to ransomware exfiltration activity.\n\nhttps://github.com/cyb3rmik3/KQL-threat-hunting-queries/blob/main/02.ThreatDetection/rclone-use-detection.md\n\nA wordlist of API names used for fuzzing web application APIs.\n\nhttps://github.com/Net-hunter121/API-Wordlist\n\nA slightly more fun way to disable windows defender + firewall. (through the WSC api) \n\nhttps://github.com/es3n1n/no-defender\n\n#HackersFactory", "creation_timestamp": "2024-06-08T11:25:07.000000Z"}, {"uuid": "ad3f4962-01bc-4960-b019-857efec0590c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "https://t.me/GhostsForum/21897", "content": "Tools - Hackers Factory\n\nCookieKatz\n\nA project that allows operators to dump cookies from Chrome, Edge or Msedgewebview2 directly from the process memory. Chromium based browsers load all their cookies from the on-disk cookie database on startup.\n\n\u2022 Support dumping cookies from Chrome's Incogntio and Edge's In-Private processes\n\u2022 Access cookies of other user's browsers when running elevated\n\u2022 Dump cookies from webview processes\n\u2022 No need to touch on-disk database file\n\u2022 DPAPI keys not needed to decrypt the cookies\n\u2022 Parse cookies offline from a minidump file\n\nhttps://github.com/Meckazin/ChromeKatz\n\nTotalRecall\n\nThis tool extracts and displays data from the Recall feature in Windows 11, providing an easy way to access information about your PC's activity snapshots.\n\nhttps://github.com/xaitax/TotalRecall\n\nsmbclient-ng, a fast and user friendly way to interact with SMB shares. \n\nhttps://github.com/p0dalirius/smbclient-ng\n\nmacOS Malware Collection \n\nhttps://github.com/objective-see/Malware\n\nDocumentation and scripts to properly enable Windows event logs. \n\nhttps://github.com/Yamato-Security/EnableWindowsLogSettings\n\nEDRaser is a powerful tool for remotely deleting access logs, Windows event logs, databases, and other files on remote machines. It offers two modes of operation: automated and manual. \n\nhttps://github.com/SafeBreach-Labs/EDRaser\n\nCVE-2024-21683 Confluence Post Auth RCE \n\nhttps://github.com/W01fh4cker/CVE-2024-21683-RCE?tab=readme-ov-file\n\nThe following query will detect execution of the Rclone command-line program which is related to ransomware exfiltration activity.\n\nhttps://github.com/cyb3rmik3/KQL-threat-hunting-queries/blob/main/02.ThreatDetection/rclone-use-detection.md\n\nA wordlist of API names used for fuzzing web application APIs.\n\nhttps://github.com/Net-hunter121/API-Wordlist\n\nA slightly more fun way to disable windows defender + firewall. (through the WSC api) \n\nhttps://github.com/es3n1n/no-defender\n\n#HackersFactory", "creation_timestamp": "2024-06-09T07:58:14.000000Z"}, {"uuid": "e14fd778-4ba0-4741-a718-20a575f63744", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/2092", "content": "CVE-2024-21683\nConfluence Data Center and Server RCE\n*\nPOC - 3 \u0432\u0430\u0440\u0438\u0430\u0442\u0430\n\n#Jirka", "creation_timestamp": "2024-05-23T07:33:22.000000Z"}, {"uuid": "d8dd2216-132c-44dc-abb2-33ed1ef62221", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "Telegram/v_GRUsSBmV1OmGbimRXpdLPlITcHxDsDH6ijn5O_vKUkqgI", "content": "", "creation_timestamp": "2024-05-23T18:22:58.000000Z"}, {"uuid": "9f7683e8-ea8e-4015-99e8-d49f84fed898", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/2221", "content": "CVE-2024-21683  0-click RCE\n*\n\u0417\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b \u0432\u0435\u0440\u0441\u0438\u0438 \u043e\u0442 Win server 2000 \u0434\u043e Win server 2025\n*\n\u0414\u044b\u0440\u043a\u0430 \u0432 \u0441\u043b\u0443\u0436\u0431\u0435 \u043b\u0438\u0446\u0435\u043d\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0445 \u0440\u0430\u0431\u043e\u0447\u0438\u0445 \u0441\u0442\u043e\u043b\u043e\u0432 Windows (RDL), \u0432 \u0438\u043d\u0435\u0442 \u0441\u0435\u0439\u0447\u0430\u0441 \u0442\u043e\u0440\u0447\u0438\u0442 170 000 \u0442\u0430\u043a\u0438\u0445 \u0445\u043e\u0441\u0442\u043e\u0432 \n*\n\u041f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u043e \u0432 \u0438\u044e\u043b\u0435\n*\nExploit  (\u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0438 \u0431\u0430\u043d\u044f\u0442, \u043d\u043e \u043c\u044b \u0441\u043a\u0430\u0447\u0430\u043b\u0438)))\n\n#rce #winsrv", "creation_timestamp": "2024-08-09T07:41:14.000000Z"}, {"uuid": "3f257a62-d42a-4c10-af7a-ab7c2efe0513", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "https://t.me/lcmysecteamch/7898", "content": "https://github.com/absholi7ly/-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server", "creation_timestamp": "2024-05-29T11:57:21.000000Z"}, {"uuid": "04c54b6d-6323-4eae-aa5c-0e9240ea36d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "Telegram/Edfbs4MF4C2lY6sjLDcENYH-V9jWpHMuaXJbz7EzSXqLmT4", "content": "", "creation_timestamp": "2024-07-09T06:56:34.000000Z"}, {"uuid": "1ce3a2cb-0ce2-4827-90a6-6418ab52bac7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "https://t.me/RalfHackerChannel/1489", "content": "CVE-2024-21683: Confluence Auth RCE\n\nhttps://github.com/W01fh4cker/CVE-2024-21683-RCE\n\n#exploit #git #web", "creation_timestamp": "2024-05-24T06:59:49.000000Z"}, {"uuid": "744d726a-b148-4e7f-a2b6-0ff2a608e081", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/6702", "content": "Tools - Hackers Factory\n\nCookieKatz\n\nA project that allows operators to dump cookies from Chrome, Edge or Msedgewebview2 directly from the process memory. Chromium based browsers load all their cookies from the on-disk cookie database on startup.\n\n\u2022 Support dumping cookies from Chrome's Incogntio and Edge's In-Private processes\n\u2022 Access cookies of other user's browsers when running elevated\n\u2022 Dump cookies from webview processes\n\u2022 No need to touch on-disk database file\n\u2022 DPAPI keys not needed to decrypt the cookies\n\u2022 Parse cookies offline from a minidump file\n\nhttps://github.com/Meckazin/ChromeKatz\n\nTotalRecall\n\nThis tool extracts and displays data from the Recall feature in Windows 11, providing an easy way to access information about your PC's activity snapshots.\n\nhttps://github.com/xaitax/TotalRecall\n\nsmbclient-ng, a fast and user friendly way to interact with SMB shares. \n\nhttps://github.com/p0dalirius/smbclient-ng\n\nmacOS Malware Collection \n\nhttps://github.com/objective-see/Malware\n\nDocumentation and scripts to properly enable Windows event logs. \n\nhttps://github.com/Yamato-Security/EnableWindowsLogSettings\n\nEDRaser is a powerful tool for remotely deleting access logs, Windows event logs, databases, and other files on remote machines. It offers two modes of operation: automated and manual. \n\nhttps://github.com/SafeBreach-Labs/EDRaser\n\nCVE-2024-21683 Confluence Post Auth RCE \n\nhttps://github.com/W01fh4cker/CVE-2024-21683-RCE?tab=readme-ov-file\n\nThe following query will detect execution of the Rclone command-line program which is related to ransomware exfiltration activity.\n\nhttps://github.com/cyb3rmik3/KQL-threat-hunting-queries/blob/main/02.ThreatDetection/rclone-use-detection.md\n\nA wordlist of API names used for fuzzing web application APIs.\n\nhttps://github.com/Net-hunter121/API-Wordlist\n\nA slightly more fun way to disable windows defender + firewall. (through the WSC api) \n\nhttps://github.com/es3n1n/no-defender\n\n#HackersFactory", "creation_timestamp": "2024-06-08T11:25:07.000000Z"}, {"uuid": "a1aa96b0-b10f-44c3-b640-18c0ebc38f96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "seen", "source": "https://t.me/true_secator/5770", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Cybernews \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044e\u0442 \u043e \u043d\u043e\u0432\u043e\u0439 \u0430\u0442\u0430\u043a\u0435 \u043d\u0430 \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u043c\u0443\u0434\u0430\u043a\u043e\u0432, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432 \u0432 \u0441\u0435\u0442\u0438 224 962 \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u043e\u0432 Atlassian Confluence Data Center \u0438 Confluence Server.\n\n\u0422\u0440\u0430\u0434\u0438\u0446\u0438\u043e\u043d\u043d\u043e \u0431\u043e\u043b\u044c\u0448\u0435 \u0432\u0441\u0435\u0433\u043e (\u043c\u0443\u0434\u0430\u043a\u043e\u0432) \u0438\u0445 \u043e\u043a\u0430\u0437\u0430\u043b\u043e\u0441\u044c \u0432 \u0421\u0428\u0410 (53 195) \u0438 \u042f\u043f\u043e\u043d\u0438\u0438 (22 007), \u043d\u043e \u0438 \u0432\u043e \u0424\u0440\u0430\u043d\u0446\u0438\u0438 (11 562) \u0438 \u0413\u0435\u0440\u043c\u0430\u043d\u0438\u0438 (11 373) - \u0442\u043e\u0436\u0435 \u0438\u043c\u0435\u044e\u0442\u0441\u044f. \n\n\u041f\u043e \u043c\u043d\u0435\u043d\u0438\u044e \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u0432\u0441\u0435 \u043e\u043d\u0438 \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u044e\u0442\u0441\u044f \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u043c\u0443 \u0432\u043e\u0437\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044e \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u0439 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2024-21683 \u0438 \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS 8,3.\n\n\u041e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0435\u043c\u0443 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0438 \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c, \u0430 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430 \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043e\u043f\u043e\u0440\u043d\u043e\u0439 \u0442\u043e\u0447\u043a\u0438 \u0434\u043b\u044f \u043f\u0440\u043e\u0434\u0432\u0438\u0436\u0435\u043d\u0438\u044f \u0432\u043d\u0443\u0442\u0440\u0438 \u0441\u0435\u0442\u0438.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u0432 Atlassian Confluence Data Center \u0438 Confluence Server \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430, \u043d\u043e \u043d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u044d\u0442\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0434\u0435\u0444\u0435\u043a\u0442\u044b \u0441\u0435\u0440\u043e\u0433\u043e \u0432\u0435\u0449\u0435\u0441\u0442\u0432\u0430 \u0432\u043b\u0430\u0434\u0435\u043b\u044c\u0446\u0430\u043c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u0441\u043e\u0442\u0435\u043d \u0442\u044b\u0441\u044f\u0447 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u043e\u0432 \u043f\u043e\u043a\u0430 \u043d\u0435 \u0443\u0434\u0430\u043b\u043e\u0441\u044c.\n\n\u041f\u043e \u0432\u0441\u0435\u0439 \u0432\u0438\u0434\u0438\u043c\u043e\u0441\u0442\u0438, \u0432 \u0441\u0430\u043c\u043e\u0435 \u0431\u043b\u0438\u0436\u0430\u0439\u0448\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u044d\u0442\u0438\u043c \u0437\u0430\u0439\u043c\u0443\u0442\u0441\u044f \u0431\u0430\u043d\u0434\u044b \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439 \u0438 APT, \u043f\u0440\u0430\u0432\u0434\u0430 \u0437\u0430 \u043b\u0435\u0447\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0434\u0435\u0442\u0441\u044f \u0437\u0430\u043f\u043b\u0430\u0442\u0438\u0442\u044c.", "creation_timestamp": "2024-05-23T14:40:05.000000Z"}, {"uuid": "95c4d6d8-394e-4580-bd80-3dd1fc714128", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "exploited", "source": "https://t.me/true_secator/5782", "content": "\u0422\u0435\u043c \u0432\u0440\u0435\u043c\u0435\u043d\u0435\u043c, \u043a\u0430\u043a \u043c\u044b \u0438 \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u043b\u0438, \u0437\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0443\u044e \u043d\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e RCE CVE-2024-21683 \u0441 CVSS 8,3 \u0432 Atlassian Confluence Data Center \u0438 Confluence Server \u043e\u0431\u044f\u0437\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u0442\u0435\u043f\u0435\u0440\u044c \u043f\u0440\u0438\u043c\u0443\u0442\u0441\u044f \u0431\u0430\u043d\u0434\u044b \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439 \u0438 APT.\n\n\u041e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0425\u0443\u043e\u043d\u0433 \u041a\u0438\u0435\u0443 \u0432\u044b\u043a\u0430\u0442\u0438\u043b PoC, \u0430 \u0432 \u0441\u0435\u0442\u0438 \u0432\u0438\u0441\u044f\u0442 \u0434\u0435\u0441\u044f\u0442\u043a\u0438 \u0442\u044b\u0441\u044f\u0447 \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432, \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u044f \u0448\u0438\u0440\u043e\u043a\u0438\u0439 \u043f\u0440\u043e\u0441\u0442\u043e\u0440 \u0434\u043b\u044f \u043c\u0430\u0441\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0430\u0442\u0430\u043a \u0441 \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u0439 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 \u0441\u0438\u0441\u0442\u0435\u043c \u0447\u0435\u0440\u0435\u0437 \u0443\u044f\u0437\u0432\u0438\u043c\u0443\u044e \u0442\u043e\u0447\u043a\u0443 \u043e\u043f\u043e\u0440\u044b.\n\n\u0411\u043b\u0430\u0433\u043e, \u0442\u0440\u0430\u0434\u0438\u0446\u0438\u043e\u043d\u043d\u043e \u0431\u043e\u043b\u044c\u0448\u0435 \u0432\u0441\u0435\u0433\u043e \u043f\u043e\u0441\u0447\u0430\u0441\u0442\u043b\u0438\u0432\u0438\u0442\u0441\u044f \u0432\u0441\u0442\u0440\u043e\u0438\u0442\u044c\u0441\u044f \u0432 \u0430\u0442\u0430\u043a\u0443 \u043d\u0430 \u0446\u0435\u043f\u043e\u0447\u043a\u0443 (\u043c\u0443\u0434\u0430\u043a\u043e\u0432) \u0421\u0428\u0410 (53 195) \u0438 \u042f\u043f\u043e\u043d\u0438\u0438 (22 007), \u043d\u043e \u0424\u0440\u0430\u043d\u0446\u0438\u0438 (11 562) \u0438 \u0413\u0435\u0440\u043c\u0430\u043d\u0438\u0438 (11 373) - \u0442\u043e\u0436\u0435 \u043d\u0435\u043f\u043e\u0437\u0434\u043e\u0440\u043e\u0432\u0438\u0442\u044c\u0441\u044f.\n\n\u0411\u0443\u0434\u0435\u043c \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c.", "creation_timestamp": "2024-05-27T16:00:53.000000Z"}, {"uuid": "d36a63c8-d6a0-4f37-b081-c734eaf630e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21682", "type": "seen", "source": "https://t.me/ctinow/203466", "content": "https://ift.tt/y14ZcqK\nCVE-2024-21682 | Atlassian Assets Discovery Data Center 6.2.0 improper authentication", "creation_timestamp": "2024-03-08T18:02:24.000000Z"}, {"uuid": "d33f2240-a157-42fc-9810-5f6b9afcb937", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2168", "type": "seen", "source": "https://t.me/ctinow/199657", "content": "https://ift.tt/GU65lbz\nCVE-2024-2168", "creation_timestamp": "2024-03-04T22:36:52.000000Z"}, {"uuid": "b5b1ea55-bd6b-4f20-9cb7-661e31a7f714", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2168", "type": "seen", "source": "https://t.me/ctinow/199649", "content": "https://ift.tt/GU65lbz\nCVE-2024-2168", "creation_timestamp": "2024-03-04T22:27:02.000000Z"}, {"uuid": "6b53a07d-ee3f-4223-a617-86170ecf3c0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21682", "type": "seen", "source": "https://t.me/ctinow/188845", "content": "https://ift.tt/G5To42J\nCVE-2024-21682", "creation_timestamp": "2024-02-20T19:27:16.000000Z"}, {"uuid": "65094c73-6c74-4ac7-a58b-cf476c7e2e41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21682", "type": "seen", "source": "https://t.me/ctinow/188861", "content": "https://ift.tt/G5To42J\nCVE-2024-21682", "creation_timestamp": "2024-02-20T19:31:58.000000Z"}, {"uuid": "f8a5c249-de37-4bb2-b14d-d8de8324cb01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/2529", "content": "https://github.com/absholi7ly/-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server/\n\nCVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server\n#github #exploit", "creation_timestamp": "2024-05-23T07:33:56.000000Z"}, {"uuid": "cec41698-be03-4ff7-a1a3-5b3d8a08de7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "seen", "source": "Telegram/iYuF1ij8GVX9NZlgjiDkoapzUE0BR5ziHKPfQnrl3j_r0bE", "content": "", "creation_timestamp": "2024-11-03T18:29:35.000000Z"}, {"uuid": "bda28d03-ac33-4c60-a8aa-7f4d33bede81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/2534", "content": "https://github.com/W01fh4cker/CVE-2024-21683-RCE\n\ncve-2024-21683\n#github #poc", "creation_timestamp": "2024-05-24T08:52:49.000000Z"}, {"uuid": "9f9d1afc-27ce-41cf-98ee-a99cd2306185", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "seen", "source": "https://t.me/club31337/2088", "content": "https://nsfocusglobal.com/confluence-remote-code-execution-vulnerability-cve-2024-21683-notification/\n\n\u269c\ufe0f @club1337", "creation_timestamp": "2024-11-11T02:18:31.000000Z"}, {"uuid": "e375d445-8484-403d-b2c7-a490f093d995", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10556", "content": "#exploit\nConfluence Data Center Post Auth RCE\n]-> https://github.com/W01fh4cker/CVE-2024-21683-RCE", "creation_timestamp": "2024-05-24T13:33:20.000000Z"}]}