vulnerability
Atlassian Confluence: WebDAV and Widget Connector vulnerabilities (CVE-2019-3395)
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
8 | (AV:N/AC:L/Au:N/C:P/I:P/A:P) | Mar 25, 2019 | Apr 12, 2019 | Sep 18, 2024 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
Mar 25, 2019
Added
Apr 12, 2019
Modified
Sep 18, 2024
Description
The WebDAV endpoint in Atlassian Confluence Server and Data Center before version 6.6.7 (the fixed version for 6.6.x), from version 6.7.0 before 6.8.5 (the fixed version for 6.8.x), and from version 6.9.0 before 6.9.3 (the fixed version for 6.9.x) allows remote attackers to send arbitrary HTTP and WebDAV requests from a Confluence Server or Data Center instance via Server-Side Request Forgery.
Solution(s)
atlassian-confluence-upgrade-6_6_7atlassian-confluence-upgrade-6_8_5atlassian-confluence-upgrade-6_9_3

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.