Confluence Unauthorized RCE Vulnerability

2019-03-25T00:00:00
ID AKB:D432D14A-94A1-4099-B6F6-959B6EF2A545
Type attackerkb
Reporter AttackerKB
Modified 2020-03-03T00:00:00

Description

The Widget Connector macro in Atlassian Confluence Server before version 6.6.12 (the fixed version for 6.6.x), from version 6.7.0 before 6.12.3 (the fixed version for 6.12.x), from version 6.13.0 before 6.13.3 (the fixed version for 6.13.x), and from version 6.14.0 before 6.14.2 (the fixed version for 6.14.x), allows remote attackers to achieve path traversal and remote code execution on a Confluence Server or Data Center instance via server-side template injection.

Recent assessments:

J3rryBl4nks at March 03, 2020 3:30pm UTC reported:

Due to many enterprise environments using Confluence, and many of them exposing it to the internet, this vulnerability is incredibly useful.

There is a public POC available:<https://github.com/Yt1g3r/CVE-2019-3396_EXP> from which you could base other attacks.

space-r7 at May 22, 2019 1:34pm UTC reported:

Due to many enterprise environments using Confluence, and many of them exposing it to the internet, this vulnerability is incredibly useful.

There is a public POC available:<https://github.com/Yt1g3r/CVE-2019-3396_EXP> from which you could base other attacks.

Assessed Attacker Value: 4
Assessed Attacker Value: 4asoto-r7 at May 09, 2019 5:57pm UTC reported:

Due to many enterprise environments using Confluence, and many of them exposing it to the internet, this vulnerability is incredibly useful.

There is a public POC available:<https://github.com/Yt1g3r/CVE-2019-3396_EXP> from which you could base other attacks.

Assessed Attacker Value: 4
Assessed Attacker Value: 4