Confluence Server and Data Center had a path traversal vulnerability in the downloadallattachments resource. A remote attacker who has permission to add attachments to pages and / or blogs or to create a new space or a personal space or who has 'Admin' permissions for a space can exploit this path traversal vulnerability to write files to arbitrary locations which can lead to remote code execution on systems that run a vulnerable version of Confluence Server or Data Center. All versions of Confluence Server from 2.0.0 before 6.6.13 (the fixed version for 6.6.x), from 6.7.0 before 6.12.4 (the fixed version for 6.12.x), from 6.13.0 before 6.13.4 (the fixed version for 6.13.x), from 6.14.0 before 6.14.3 (the fixed version for 6.14.x), and from 6.15.0 before 6.15.2 are affected by this vulnerability.
Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| CVE-2019-3398 | Atlassian Confluence Server and Data Center Path Traversal Vulnerability | primary_impact | T1059 | Command and Scripting Interpreter | Comments
CVE-2019-3398 is a path traversal vulnerability in Atlassian Confluence Server and Data Center that allows an authenticated attacker to write files to arbitrary locations, potentially leading to remote code execution
References
|
| CVE-2019-3398 | Atlassian Confluence Server and Data Center Path Traversal Vulnerability | exploitation_technique | T1202 | Indirect Command Execution | Comments
CVE-2019-3398 is a path traversal vulnerability in Atlassian Confluence Server and Data Center that allows an authenticated attacker to write files to arbitrary locations, potentially leading to remote code execution
References
|