HTTP: Atlassian Confluence downloadallattachments Directory Traversal

This signature detects attempts to exploit a known vulnerability in Atlassian Confluence. A successful attack can lead to directory traversal and arbitrary code execution.

Extended Description

Confluence Server and Data Center had a path traversal vulnerability in the downloadallattachments resource. A remote attacker who has permission to add attachments to pages and/or blogs, to create a new space or a personal space, or who has 'Admin' permissions for a space can exploit this path traversal vulnerability to write files to arbitrary locations, which can lead to remote code execution on systems that run a vulnerable version of Confluence Server or Data Center. All versions of Confluence Server from 2.0.0 before 6.6.13 (the fixed version for 6.6.x), from 6.7.0 before 6.12.4 (the fixed version for 6.12.x), from 6.13.0 before 6.13.4 (the fixed version for 6.13.x), from 6.14.0 before 6.14.3 (the fixed version for 6.14.x), and from 6.15.0 before 6.15.2 are affected by this vulnerability.
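The following is an added illustration of how a defender might triage web-server access logs for the traffic this signature targets; it is not Juniper's signature logic and not Atlassian's code. It assumes HTTP request lines in the usual "METHOD target HTTP/x.y" form, flags only requests that reference the downloadallattachments resource and carry a standalone ".." path segment in the path or a query value, and normalises bounded repeated percent-decoding so double-encoded sequences are not missed. The request lines and the query parameter name `x` are constructed placeholders; the page does not state which request field the signature matches on.

```python
import re
from urllib.parse import unquote

# Resource named in the advisory text (case-insensitive match on the request-target).
RESOURCE = "downloadallattachments"

# A standalone '..' segment bounded by '/' or '\' (or the start/end of the value).
_TRAVERSAL = re.compile(r"(?:^|[/\\])\.\.(?:[/\\]|$)")


def fully_decode(value, max_rounds=3):
    """Percent-decode repeatedly (bounded) so that double-encoded sequences such as
    %252e%252e%252f are normalised to '../' before inspection."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def is_suspicious_request(request_line):
    """Return True when the request line targets the downloadallattachments resource
    and any path segment or query value contains a standalone '..' segment."""
    parts = request_line.split()
    if len(parts) < 2:
        return False
    target = fully_decode(parts[1])
    if RESOURCE not in target.lower():
        return False
    path, _, query = target.partition("?")
    # Inspect the path itself and every query value (the part after '=').
    candidates = [path] + [kv.partition("=")[2] for kv in query.split("&") if kv]
    return any(_TRAVERSAL.search(c) for c in candidates)


def scan(lines):
    """Return the subset of request lines that should be escalated for review."""
    return [line for line in lines if is_suspicious_request(line)]


# Constructed sample request lines (not real traffic); parameter 'x' is a placeholder.
SAMPLE_REQUESTS = [
    "GET /confluence/pages/downloadallattachments.action?pageId=12345 HTTP/1.1",
    "GET /confluence/pages/viewpage.action?pageId=12345 HTTP/1.1",
    "GET /confluence/display/SPACE/..notes HTTP/1.1",
    "POST /confluence/pages/downloadallattachments.action?pageId=12345&x=..%2F..%2Ftmp%2Fdemo.txt HTTP/1.1",
    "POST /confluence/pages/downloadallattachments.action?pageId=12345&x=%252e%252e%252fdemo HTTP/1.1",
    "POST /confluence/pages/downloadallattachments.action?pageId=12345&x=..%5C..%5Cdemo HTTP/1.1",
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_REQUESTS):
        print("SUSPICIOUS:", hit)
```

The check is deliberately narrow (resource name plus a real `..` segment) so that legitimate attachment names containing dots, or traversal-looking strings against unrelated endpoints, do not page anyone; tune the `RESOURCE` constant and the segment regex to the URL layout of the deployment being monitored.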

Affected Products

Atlassian confluence_server

References

BugTraq: 108067

CVE: CVE-2019-3398

Short Name: HTTP:DIR:ATLASSIAN-CONF-ATT-DIR

Severity: Critical

Recommended: True

Recommended Action: Drop

Category: HTTP

Keywords: Atlassian CVE-2019-3398 Confluence Directory Traversal bid:108067 downloadallattachments

Release Date: 12/10/2020

Supported Platforms: srx-branch-12.3, srx-19.3, srx-branch-19.3, vsrx3bsd-19.2, srx-branch-19.4, vsrx-19.4, mx-12.3, mx-19.4, vmx-19.4, mx-19.3, vsrx3bsd-19.4, srx-19.4, vsrx-12.3, vmx-19.3, vsrx-19.2, srx-12.3

Sigpack Version: 3782

False Positive: Unknown

Vendors: Atlassian

CVSS Score: 9.0