vulnerability

Atlassian Confluence: WebDAV and Widget Connector vulnerabilities (CVE-2019-3395)

Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
Mar 25, 2019
Added
Apr 12, 2019
Modified
Sep 18, 2024

Description

The WebDAV endpoint in Atlassian Confluence Server and Data Center before version 6.6.7 (the fixed version for 6.6.x), from version 6.7.0 before 6.8.5 (the fixed version for 6.8.x), and from version 6.9.0 before 6.9.3 (the fixed version for 6.9.x) allows remote attackers to send arbitrary HTTP and WebDAV requests from a Confluence Server or Data Center instance via Server-Side Request Forgery.

Solution(s)

atlassian-confluence-upgrade-6_6_7atlassian-confluence-upgrade-6_8_5atlassian-confluence-upgrade-6_9_3
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.