CVE-2019-3398 - Atlassian Confluence Server and Data Center Path Traversal Vulnerability
Project:Atlassian
Product:Confluence Server and Data Center
Date Added:2021-11-03Due Date:2022-05-03
Vulnerability Name
Atlassian Confluence Server and Data Center Path Traversal Vulnerability
Description
Atlassian Confluence Server and Data Center contain a path traversal vulnerability in the downloadallattachments resource that may allow a privileged, remote attacker to write files. Exploitation can lead to remote code execution.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2019-3398