cnvd - cnvd-2022-49949

cnvd-2022-49949

Vulnerability from cnvd

Title: Atlassian Jira Server and Data Center服务器端请求伪造漏洞

Description:

Atlassian Jira Server＆Data Center是澳大利亚Atlassian公司的JIRA的数据中心版本。该软件被广泛应用于缺陷跟踪、客户服务、需求收集、流程审批、任务跟踪、项目跟踪和敏捷管理等工作领域。

Atlassian Jira Server and Data Center存在服务器端请求伪造漏洞，攻击者可利用该漏洞通过批处理端点执行完整的读取服务器端请求伪造。

Severity: 高

Patch Name: Atlassian Jira Server and Data Center服务器端请求伪造漏洞的补丁

Patch Description:

Atlassian Jira Server and Data Center存在服务器端请求伪造漏洞，攻击者可利用该漏洞通过批处理端点执行完整的读取服务器端请求伪造。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

厂商已发布了漏洞修复程序，请及时关注更新: https://confluence.atlassian.com/jira/jira-server-security-advisory-29th-june-2022-1142430667.html

Reference: https://nvd.nist.gov/vuln/detail/CVE-2022-26135

Impacted products

Name
['Atlassian Atlassian Jira Server and Data Center 4.21.0，<4.22.4', 'Atlassian Atlassian Jira Server and Data Center 4.14.0，<4.20.10', 'Atlassian Atlassian Jira Server and Data Center 4.0.0，<4.13.22', 'Atlassian Atlassian Jira Server and Data Center 8.21.0，<8.22.4', 'Atlassian Atlassian Jira Server and Data Center 8.14.0，<8.20.10', 'Atlassian Atlassian Jira Server and Data Center 8.0.0，<8.13.22']

Name

['Atlassian Atlassian Jira Server and Data Center 4.21.0，<4.22.4', 'Atlassian Atlassian Jira Server and Data Center 4.14.0，<4.20.10', 'Atlassian Atlassian Jira Server and Data Center 4.0.0，<4.13.22', 'Atlassian Atlassian Jira Server and Data Center 8.21.0，<8.22.4', 'Atlassian Atlassian Jira Server and Data Center 8.14.0，<8.20.10', 'Atlassian Atlassian Jira Server and Data Center 8.0.0，<8.13.22']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2022-26135",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2022-26135"
    }
  },
  "description": "Atlassian Jira Server\uff06Data Center\u662f\u6fb3\u5927\u5229\u4e9aAtlassian\u516c\u53f8\u7684JIRA\u7684\u6570\u636e\u4e2d\u5fc3\u7248\u672c\u3002\u8be5\u8f6f\u4ef6\u88ab\u5e7f\u6cdb\u5e94\u7528\u4e8e\u7f3a\u9677\u8ddf\u8e2a\u3001\u5ba2\u6237\u670d\u52a1\u3001\u9700\u6c42\u6536\u96c6\u3001\u6d41\u7a0b\u5ba1\u6279\u3001\u4efb\u52a1\u8ddf\u8e2a\u3001\u9879\u76ee\u8ddf\u8e2a\u548c\u654f\u6377\u7ba1\u7406\u7b49\u5de5\u4f5c\u9886\u57df\u3002\n\nAtlassian Jira Server and Data Center\u5b58\u5728\u670d\u52a1\u5668\u7aef\u8bf7\u6c42\u4f2a\u9020\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u6279\u5904\u7406\u7aef\u70b9\u6267\u884c\u5b8c\u6574\u7684\u8bfb\u53d6\u670d\u52a1\u5668\u7aef\u8bf7\u6c42\u4f2a\u9020\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0:\r\nhttps://confluence.atlassian.com/jira/jira-server-security-advisory-29th-june-2022-1142430667.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2022-49949",
  "openTime": "2022-07-07",
  "patchDescription": "Atlassian Jira Server\uff06Data Center\u662f\u6fb3\u5927\u5229\u4e9aAtlassian\u516c\u53f8\u7684JIRA\u7684\u6570\u636e\u4e2d\u5fc3\u7248\u672c\u3002\u8be5\u8f6f\u4ef6\u88ab\u5e7f\u6cdb\u5e94\u7528\u4e8e\u7f3a\u9677\u8ddf\u8e2a\u3001\u5ba2\u6237\u670d\u52a1\u3001\u9700\u6c42\u6536\u96c6\u3001\u6d41\u7a0b\u5ba1\u6279\u3001\u4efb\u52a1\u8ddf\u8e2a\u3001\u9879\u76ee\u8ddf\u8e2a\u548c\u654f\u6377\u7ba1\u7406\u7b49\u5de5\u4f5c\u9886\u57df\u3002\r\n\r\nAtlassian Jira Server and Data Center\u5b58\u5728\u670d\u52a1\u5668\u7aef\u8bf7\u6c42\u4f2a\u9020\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u6279\u5904\u7406\u7aef\u70b9\u6267\u884c\u5b8c\u6574\u7684\u8bfb\u53d6\u670d\u52a1\u5668\u7aef\u8bf7\u6c42\u4f2a\u9020\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Atlassian Jira Server and Data Center\u670d\u52a1\u5668\u7aef\u8bf7\u6c42\u4f2a\u9020\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Atlassian Atlassian Jira Server and Data Center 4.21.0\uff0c\u003c4.22.4",
      "Atlassian Atlassian Jira Server and Data Center 4.14.0\uff0c\u003c4.20.10",
      "Atlassian Atlassian Jira Server and Data Center 4.0.0\uff0c\u003c4.13.22",
      "Atlassian Atlassian Jira Server and Data Center 8.21.0\uff0c\u003c8.22.4",
      "Atlassian Atlassian Jira Server and Data Center 8.14.0\uff0c\u003c8.20.10",
      "Atlassian Atlassian Jira Server and Data Center 8.0.0\uff0c\u003c8.13.22"
    ]
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2022-26135",
  "serverity": "\u9ad8",
  "submitTime": "2022-07-01",
  "title": "Atlassian Jira Server and Data Center\u670d\u52a1\u5668\u7aef\u8bf7\u6c42\u4f2a\u9020\u6f0f\u6d1e"
}

CVE-2022-26135 (GCVE-0-2022-26135)

Vulnerability from cvelistv5

Published

2022-06-30 05:20

Modified

2024-10-29 15:20

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE

Server-side Request Forgery

Summary

A vulnerability in Mobile Plugin for Jira Data Center and Server allows a remote, authenticated user (including a user who joined via the sign-up feature) to perform a full read server-side request forgery via a batch endpoint. This affects Atlassian Jira Server and Data Center from version 8.0.0 before version 8.13.22, from version 8.14.0 before 8.20.10, from version 8.21.0 before 8.22.4. This also affects Jira Management Server and Data Center versions from version 4.0.0 before 4.13.22, from version 4.14.0 before 4.20.10 and from version 4.21.0 before 4.22.4.

References

▼	URL	Tags
	https://jira.atlassian.com/browse/JRASERVER-73863	x_refsource_MISC
	https://jira.atlassian.com/browse/JSDSERVER-11840	x_refsource_MISC
	https://confluence.atlassian.com/display/JIRA/Jira+Server+Security+Advisory+29nd+June+2022	x_refsource_MISC

Impacted products

Vendor

Product

Version

▼

Atlassian

Jira Core Server

Version: 8.0.0   < unspecified
Version: unspecified   < 8.13.22
Version: 8.14.0   < unspecified
Version: unspecified   < 8.20.10
Version: 8.21.0   < unspecified
Version: unspecified   < 8.22.4

Atlassian	Jira Software Server	Version: 8.0.0 < unspecified Version: unspecified < 8.13.22 Version: 8.14.0 < unspecified Version: unspecified < 8.20.10 Version: 8.21.0 < unspecified Version: unspecified < 8.22.4
Atlassian	Jira Software Data Center	Version: 8.0.0 < unspecified Version: unspecified < 8.13.22 Version: 8.14.0 < unspecified Version: unspecified < 8.20.10 Version: 8.21.0 < unspecified Version: unspecified < 8.22.4
Atlassian	Jira Service Management Server	Version: 4.0.0 < unspecified Version: unspecified < 4.13.22 Version: 4.14.0 < unspecified Version: unspecified < 4.20.10 Version: 4.21.0 < unspecified Version: unspecified < 4.22.4
Atlassian	Jira Service Management Data Center	Version: 4.0.0 < unspecified Version: unspecified < 4.13.22 Version: 4.14.0 < unspecified Version: unspecified < 4.20.10 Version: 4.21.0 < unspecified Version: unspecified < 4.22.4

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T04:56:37.610Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://jira.atlassian.com/browse/JRASERVER-73863"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://jira.atlassian.com/browse/JSDSERVER-11840"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://confluence.atlassian.com/display/JIRA/Jira+Server+Security+Advisory+29nd+June+2022"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 6.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2022-26135",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-03T15:05:50.366047Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-918",
                "description": "CWE-918 Server-Side Request Forgery (SSRF)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-29T15:20:52.789Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Jira Core Server",
          "vendor": "Atlassian",
          "versions": [
            {
              "lessThan": "unspecified",
              "status": "affected",
              "version": "8.0.0",
              "versionType": "custom"
            },
            {
              "lessThan": "8.13.22",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "unspecified",
              "status": "affected",
              "version": "8.14.0",
              "versionType": "custom"
            },
            {
              "lessThan": "8.20.10",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "unspecified",
              "status": "affected",
              "version": "8.21.0",
              "versionType": "custom"
            },
            {
              "lessThan": "8.22.4",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Jira Software Server",
          "vendor": "Atlassian",
          "versions": [
            {
              "lessThan": "unspecified",
              "status": "affected",
              "version": "8.0.0",
              "versionType": "custom"
            },
            {
              "lessThan": "8.13.22",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "unspecified",
              "status": "affected",
              "version": "8.14.0",
              "versionType": "custom"
            },
            {
              "lessThan": "8.20.10",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "unspecified",
              "status": "affected",
              "version": "8.21.0",
              "versionType": "custom"
            },
            {
              "lessThan": "8.22.4",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Jira Software Data Center",
          "vendor": "Atlassian",
          "versions": [
            {
              "lessThan": "unspecified",
              "status": "affected",
              "version": "8.0.0",
              "versionType": "custom"
            },
            {
              "lessThan": "8.13.22",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "unspecified",
              "status": "affected",
              "version": "8.14.0",
              "versionType": "custom"
            },
            {
              "lessThan": "8.20.10",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "unspecified",
              "status": "affected",
              "version": "8.21.0",
              "versionType": "custom"
            },
            {
              "lessThan": "8.22.4",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Jira Service Management Server",
          "vendor": "Atlassian",
          "versions": [
            {
              "lessThan": "unspecified",
              "status": "affected",
              "version": "4.0.0",
              "versionType": "custom"
            },
            {
              "lessThan": "4.13.22",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "unspecified",
              "status": "affected",
              "version": "4.14.0",
              "versionType": "custom"
            },
            {
              "lessThan": "4.20.10",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "unspecified",
              "status": "affected",
              "version": "4.21.0",
              "versionType": "custom"
            },
            {
              "lessThan": "4.22.4",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Jira Service Management Data Center",
          "vendor": "Atlassian",
          "versions": [
            {
              "lessThan": "unspecified",
              "status": "affected",
              "version": "4.0.0",
              "versionType": "custom"
            },
            {
              "lessThan": "4.13.22",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "unspecified",
              "status": "affected",
              "version": "4.14.0",
              "versionType": "custom"
            },
            {
              "lessThan": "4.20.10",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "unspecified",
              "status": "affected",
              "version": "4.21.0",
              "versionType": "custom"
            },
            {
              "lessThan": "4.22.4",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2022-06-29T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in Mobile Plugin for Jira Data Center and Server allows a remote, authenticated user (including a user who joined via the sign-up feature) to perform a full read server-side request forgery via a batch endpoint. This affects Atlassian Jira Server and Data Center from version 8.0.0 before version 8.13.22, from version 8.14.0 before 8.20.10, from version 8.21.0 before 8.22.4. This also affects Jira Management Server and Data Center versions from version 4.0.0 before 4.13.22, from version 4.14.0 before 4.20.10 and from version 4.21.0 before 4.22.4."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Server-side Request Forgery",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-06-30T05:20:15",
        "orgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
        "shortName": "atlassian"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://jira.atlassian.com/browse/JRASERVER-73863"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://jira.atlassian.com/browse/JSDSERVER-11840"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://confluence.atlassian.com/display/JIRA/Jira+Server+Security+Advisory+29nd+June+2022"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@atlassian.com",
          "DATE_PUBLIC": "2022-06-29T00:00:00",
          "ID": "CVE-2022-26135",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Jira Core Server",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003e=",
                            "version_value": "8.0.0"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_value": "8.13.22"
                          },
                          {
                            "version_affected": "\u003e=",
                            "version_value": "8.14.0"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_value": "8.20.10"
                          },
                          {
                            "version_affected": "\u003e=",
                            "version_value": "8.21.0"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_value": "8.22.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Jira Software Server",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003e=",
                            "version_value": "8.0.0"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_value": "8.13.22"
                          },
                          {
                            "version_affected": "\u003e=",
                            "version_value": "8.14.0"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_value": "8.20.10"
                          },
                          {
                            "version_affected": "\u003e=",
                            "version_value": "8.21.0"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_value": "8.22.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Jira Software Data Center",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003e=",
                            "version_value": "8.0.0"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_value": "8.13.22"
                          },
                          {
                            "version_affected": "\u003e=",
                            "version_value": "8.14.0"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_value": "8.20.10"
                          },
                          {
                            "version_affected": "\u003e=",
                            "version_value": "8.21.0"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_value": "8.22.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Jira Service Management Server",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003e=",
                            "version_value": "4.0.0"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_value": "4.13.22"
                          },
                          {
                            "version_affected": "\u003e=",
                            "version_value": "4.14.0"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_value": "4.20.10"
                          },
                          {
                            "version_affected": "\u003e=",
                            "version_value": "4.21.0"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_value": "4.22.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Jira Service Management Data Center",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003e=",
                            "version_value": "4.0.0"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_value": "4.13.22"
                          },
                          {
                            "version_affected": "\u003e=",
                            "version_value": "4.14.0"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_value": "4.20.10"
                          },
                          {
                            "version_affected": "\u003e=",
                            "version_value": "4.21.0"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_value": "4.22.4"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Atlassian"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in Mobile Plugin for Jira Data Center and Server allows a remote, authenticated user (including a user who joined via the sign-up feature) to perform a full read server-side request forgery via a batch endpoint. This affects Atlassian Jira Server and Data Center from version 8.0.0 before version 8.13.22, from version 8.14.0 before 8.20.10, from version 8.21.0 before 8.22.4. This also affects Jira Management Server and Data Center versions from version 4.0.0 before 4.13.22, from version 4.14.0 before 4.20.10 and from version 4.21.0 before 4.22.4."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Server-side Request Forgery"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://jira.atlassian.com/browse/JRASERVER-73863",
              "refsource": "MISC",
              "url": "https://jira.atlassian.com/browse/JRASERVER-73863"
            },
            {
              "name": "https://jira.atlassian.com/browse/JSDSERVER-11840",
              "refsource": "MISC",
              "url": "https://jira.atlassian.com/browse/JSDSERVER-11840"
            },
            {
              "name": "https://confluence.atlassian.com/display/JIRA/Jira+Server+Security+Advisory+29nd+June+2022",
              "refsource": "MISC",
              "url": "https://confluence.atlassian.com/display/JIRA/Jira+Server+Security+Advisory+29nd+June+2022"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
    "assignerShortName": "atlassian",
    "cveId": "CVE-2022-26135",
    "datePublished": "2022-06-30T05:20:15.269358Z",
    "dateReserved": "2022-02-25T00:00:00",
    "dateUpdated": "2024-10-29T15:20:52.789Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted