CVE-2019-3396

CWE-22 — Path Traversal16 documents12 sources

9.8

CVSS

CRITICAL

EPSS94.5%(100th)

CISA KEVPublic ExploitExploited in WildRansomware Use

CISA Required Action: Apply updates per vendor instructions.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages1 packages

▶NVDatlassian/confluence_server6.7.0 — 6.12.3+3

The Widget Connector macro in Atlassian Confluence Server before version 6.6.12 (the fixed version for 6.6.x), from version 6.7.0 before 6.12.3 (the fixed version for 6.12.x), from version 6.13.0 before 6.13.3 (the fixed version for 6.13.x), and from version 6.14.0 before 6.14.2 (the fixed version for 6.14.x), allows remote attackers to achieve path traversal and remote code execution on a Confluence Server or Data Center instance via server-side template injection.

NVD ↗MITRE ↗Patch: jira.atlassian.com ↗Patch: jira.atlassian.com ↗

🔴Vulnerability Details

GHSA

OpenNMS Horizon RCE via JEXL2 expression↗2022-05-24

▶

GHSA

GHSA-fr34-8fhg-2m6q: The Widget Connector macro in Atlassian Confluence Server before version 6↗2022-05-13

▶

CVEList

CVE-2019-3396: The Widget Connector macro in Atlassian Confluence Server before version 6↗2019-03-25

▶

VulnCheck

Atlassian Confluence Server and Data Center Server-Side Template Injection Vulnerability↗2019

▶

💥Exploits & PoCs

Exploit-DB

Atlassian Confluence Widget Connector Macro - SSTI↗2021-01-22

▶

Exploit-DB

Atlassian Confluence Widget Connector Macro - Velocity Template Injection (Metasploit)↗2019-04-19

▶

Nuclei

Atlassian Confluence Server - Path Traversal

▶

🔍Detection Rules

Suricata

ET WEB_CLIENT Possible Confluence SSTI Exploitation Attempt - Leads to RCE/LFI (CVE-2019-3396)↗2019-05-08

▶

📋Vendor Advisories

CISA

Atlassian Confluence Server and Data Center Server-Side Template Injection Vulnerability↗2021-11-03

▶

🕵️Threat Intelligence

Trendmicro

CVE-2019-3396: Exploiting the Confluence Vulnerability↗2019-05-07

▶

Trendmicro

CVE-2019-3396: Exploiting the Confluence Vulnerability↗2019-05-07

▶

Trendmicro

AESDDoS Botnet Exploits CVE-2019-3396 to Perform RCE↗2019-04-26

▶

Trendmicro

AESDDoS Botnet Exploits CVE-2019-3396 to Perform RCE↗2019-04-26

▶

💬Community

HackerOne

LFI with potential to RCE on ██████ using CVE-2019-3396↗2019-10-04

▶

BugTraq

Atlassian - Confluence Security Advisory - 2019-03-20↗2019-03-25

▶