CVE-2019-3396

Description from NVD

The Widget Connector macro in Atlassian Confluence Server before version 6.6.12 (the fixed version for 6.6.x), from version 6.7.0 before 6.12.3 (the fixed version for 6.12.x), from version 6.13.0 before 6.13.3 (the fixed version for 6.13.x), and from version 6.14.0 before 6.14.2 (the fixed version for 6.14.x), allows remote attackers to achieve path traversal and remote code execution on a Confluence Server or Data Center instance via server-side template injection.

Information Acquisition Date: 2021-09-30T16:40Z
CVSS 2.0: 10.0 HIGH
CVSS 3.x: 9.8 CRITICAL

CVSS3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

NVD References

 https://jira.atlassian.com/browse/CONFSERVER-57974
     source:MISC
     tags:Issue Tracking    Patch    Vendor Advisory    
 http://packetstormsecurity.com/files/152568/Atlassian-Confluence-Widget-Connector-Macro-Velocity-Template-Injection.html
     source:MISC
     tags:Exploit    Third Party Advisory    VDB Entry    
 http://www.rapid7.com/db/modules/exploit/multi/http/confluence_widget_connector
     source:MISC
     tags:Exploit    Third Party Advisory    VDB Entry    
 46731
     source:EXPLOIT-DB
     tags:Exploit    Third Party Advisory    VDB Entry    
 http://packetstormsecurity.com/files/161065/Atlassian-Confluence-6.12.1-Template-Injection.html
     source:MISC
     tags:Exploit    Third Party Advisory    VDB Entry    

This vulnerability may involve a PoC.

Description from Forti

Confluence Widget Connector macro Path Traversal

This indicates an attack attempt to exploit a Directory Traversal vulnerability in Atlassian Confluence. The vulnerability is due to insufficient sanitizing of user-supplied inputs in the application. Successful attacks may allow remote attackers to use a specially crafted request with directory-traversal sequences to retrieve sensitive information and achieve remote code execution.

Information Acquisition Date: 2021/02/19

Affected Products

Atlassian Confluence Server before version 6.6.12
Atlassian Confluence Server from version 6.7.0 before 6.12.3
Atlassian Confluence Server from version 6.13.0 before 6.13.3
Atlassian Confluence Server from version 6.14.0 before 6.14.2

Impact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

Recommended Actions

Apply patch if available from the vendor's website.
https://jira.atlassian.com/browse/CONFSERVER-57974


List of frequently cited URLs

URL                             Num of Times Referred to
https://paper.seebug.org/886/   59
https://wiki                    5
http://bit.ly/2H7b77c           3

Information from Twitter

User            URL                                                             Info    Source          Status ID             Date
eric_capuano    https://blog.reconinfosec.com/analysis-of-exploitation-of-c...  Source  eric_capuano    1532514310605373463   2022/06/03
Recon_InfoSec   https://blog.reconinfosec.com/analysis-of-exploitation-of-c...  Source  Recon_InfoSec   1532526015188180997   2022/06/03
ipssignatures   https://twitter.com/Recon_InfoSec/status/1532526015188180997    Source  ipssignatures   1532815890336587778   2022/06/04

GitHub Search Results: Up to 10

Name                                    URL
Yt1g3r/CVE-2019-3396_EXP https://github.com/Yt1g3r/CVE-2019-3396_EXP
jas502n/CVE-2019-3396 https://github.com/jas502n/CVE-2019-3396
pyn3rd/CVE-2019-3396 https://github.com/pyn3rd/CVE-2019-3396
x-f1v3/CVE-2019-3396 https://github.com/x-f1v3/CVE-2019-3396
dothanthitiendiettiende/CVE-2019-3396 https://github.com/dothanthitiendiettiende/CVE-2019-3396
abdallah-elsharif/cve-2019-3396 https://github.com/abdallah-elsharif/cve-2019-3396
JonathanZhou348/CVE-2019-3396TEST https://github.com/JonathanZhou348/CVE-2019-3396TEST
vntest11/confluence_CVE-2019-3396 https://github.com/vntest11/confluence_CVE-2019-3396
yuehanked/cve-2019-3396 https://github.com/yuehanked/cve-2019-3396
xiaoshuier/CVE-2019-3396 https://github.com/xiaoshuier/CVE-2019-3396

Score (2022/06/04): 1
Added to Har-sia Database: 2020/02/21
Last Modified: 2022/06/04
Highest Scored Date: 2021/09/16
Highest Score: 59