Lucene search
Security-metrics-botATLASSIAN:CONFSERVER-61453HistoryMar 03, 2021 - 10:39 p.m.
Blind SSRF in Team Calendars REST API using location parameter - CVE-2020-29445
2021-03-0322:39:51
security-metrics-bot
jira.atlassian.com
21
ssrf
team calendars
confluence server
blind ssrf
cve-2020-29445
security vulnerability
stefano castilletti
EPSS
0.001
Percentile
22.7%
Affected versions of Confluence Server allow attackers to identify internal hosts and ports via a blind server-side request forgery vulnerability in Team Calendars parameters.
Affected versions:
- < 7.11.0
Fixed versions:
- 7.11.0
- 7.4.8 (LTS)
This vulnerability is attributed toΒ Stefano Castilletti, a security researcher at Apple.
Related
nessus
nessus
Atlassian Confluence < 7.11.0 SSRF (CONFSERVER-61453)
2021-05-12 00:00:00
Atlassian Confluence < 7.11.0 Multiple Vulnerabilities
2021-07-05 00:00:00
cve
cve
CVE-2020-29445
2021-05-07 06:15:09
cvelist
cvelist
CVE-2020-29445
2021-05-07 06:10:12
nvd
nvd
CVE-2020-29445
2021-05-07 06:15:09
prion
prion
Server side request forgery (ssrf)
2021-05-07 06:15:00
atlassian
atlassian