CVE-2024-21697

CVSS 3.0 Score 8.8 of 10 (high)

Details

Published Nov 19, 2024

Summary

CVE-2024-21697 is a high severity Remote Code Execution (RCE) vulnerability affecting Sourcetree for Mac in version 4.2.8 and Sourcetree for Windows in version 3.4.19. With a CVSS Score of 8.8, this RCE vulnerability enables unauthenticated attackers to execute arbitrary code, resulting in significant impact to confidentiality, integrity, and availability. User interaction is required for exploitation. Atlassian urges users to upgrade to the latest available versions: Sourcetree for Mac 4.2.9 or later, and Sourcetree for Windows 3.4.20 or later. Previously unreported, this vulnerability was discovered during Atlassian's Penetration Testing program.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share