Lucene search
+L

6 matches found

nessus
nessus
added 2021/07/05 12:0 a.m.36 views

Atlassian Confluence < 7.11.0 Multiple Vulnerabilities

According to its self-reported version number, the Atlassian Confluence application running on the remote host is prior 7.11.0. It is, therefore, affected by the following vulnerabilities : - A blind Server-Side Request Forgery SSRF vulnerability in Team Calendars parameters. CVE-2020-29445 - A...

5.4CVSS5.1AI score0.01201EPSS
Exploits0References4
nessus
nessus
added 2021/05/12 12:0 a.m.53 views

Atlassian Confluence < 7.11.0 SSRF (CONFSERVER-61453)

According to its self-reported version number, the Atlassian Confluence application running on the remote host is prior to 7.11.0 . It is, therefore, affected by a server-side request forgery SSRF vulnerability in its Team Calendar REST API component. An authenticated, remote attacker can exploit...

4.3CVSS5.3AI score0.01201EPSS
Exploits0References2
nvd
nvd
added 2021/05/07 6:15 a.m.17 views

CVE-2020-29445

Affected versions of Confluence Server before 7.4.8, and versions from 7.5.0 before 7.11.0 allow attackers to identify internal hosts and ports via a blind server-side request forgery vulnerability in Team Calendars parameters...

4.3CVSS0.01201EPSS
Exploits0References1
cve
cve
added 2021/05/07 6:10 a.m.115 views

CVE-2020-29445

CVE-2020-29445 describes a blind SSRF in Atlassian Confluence Server’s Team Calendars parameters. Affected are Confluence Server versions before 7.4.8 and 7.5.0 through 7.10.9 (pre-7.11.0). Root cause is a server-side request forgery in the Team Calendars functionality, enabling an attacker to id...

4.3CVSS4.7AI score0.01201EPSS
Exploits0References1Affected Software1
vulnrichment
vulnrichment
added 2021/05/07 6:10 a.m.9 views

CVE-2020-29445

Affected versions of Confluence Server before 7.4.8, and versions from 7.5.0 before 7.11.0 allow attackers to identify internal hosts and ports via a blind server-side request forgery vulnerability in Team Calendars parameters...

4.6AI score0.01201EPSS
Exploits0References1
atlassian
atlassian
added 2021/03/03 10:39 p.m.57 views

Blind SSRF in Team Calendars REST API using location parameter - CVE-2020-29445

Affected versions of Confluence Server allow attackers to identify internal hosts and ports via a blind server-side request forgery vulnerability in Team Calendars parameters. Affected versions: 7.11.0 Fixed versions: 7.11.0 7.4.8 LTS This vulnerability is attributed to Stefano Castilletti, a...

4.3CVSS4.3AI score0.01201EPSS
Exploits0Affected Software1
Rows per page
Query Builder