CVE-2019-3398

HIGH KEV NUCLEI

Atlassian Confluence Server < 6.6.13 - Path Traversal

Title source: rule

Description

Confluence Server and Data Center had a path traversal vulnerability in the downloadallattachments resource. A remote attacker who has permission to add attachments to pages and/or blogs, to create a new space or a personal space, or who has 'Admin' permissions for a space can exploit this path traversal vulnerability to write files to arbitrary locations, which can lead to remote code execution on systems that run a vulnerable version of Confluence Server or Data Center. All versions of Confluence Server from 2.0.0 before 6.6.13 (the fixed version for 6.6.x), from 6.7.0 before 6.12.4 (the fixed version for 6.12.x), from 6.13.0 before 6.13.4 (the fixed version for 6.13.x), from 6.14.0 before 6.14.3 (the fixed version for 6.14.x), and from 6.15.0 before 6.15.2 are affected by this vulnerability.

Exploits (3)

exploitdb WORKING POC
by max7253 · python · webapps · jsp
https://www.exploit-db.com/exploits/47621
nomisec WORKING POC 15 stars
by superevr · remote-auth
https://github.com/superevr/cve-2019-3398
nomisec WORKING POC
by 132231g · remote
https://github.com/132231g/CVE-2019-3398

Nuclei Templates (1)

Atlassian Confluence Download Attachments - Remote Code Execution
HIGH · by rootxharsh, iamnoooob, pdresearch
Shodan: http.component:"atlassian confluence" || cpe:"cpe:2.3:a:atlassian:confluence"

Scores

CVSS v3 8.8
EPSS 0.9385
EPSS Percentile 99.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CISA KEV 2021-11-03
VulnCheck KEV 2021-11-03
InTheWild.io 2021-07-23
ENISA EUVD EUVD-2019-13037
CWE
CWE-22
Status published
Products (1)
atlassian/confluence_server 2.0 - 6.6.13
Published Apr 18, 2019
KEV Added Nov 03, 2021
Tracked Since Feb 18, 2026