Vulnerability Description
There was a local file disclosure vulnerability in Confluence Server and Confluence Data Center via page exporting. An attacker with permission to editing a page is able to exploit this issue to read arbitrary file on the server under <install-directory>/confluence/WEB-INF directory, which may contain configuration files used for integrating with other services, which could potentially leak credentials or other sensitive information such as LDAP credentials. The LDAP credential will be potentially leaked only if the Confluence server is configured to use LDAP as user repository. All versions of Confluence Server from 6.1.0 before 6.6.16 (the fixed version for 6.6.x), from 6.7.0 before 6.13.7 (the fixed version for 6.13.x), and from 6.14.0 before 6.15.8 (the fixed version for 6.15.x) are affected by this vulnerability.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Atlassian | Confluence | >= 6.1.0, < 6.6.16 |
| Atlassian | Confluence Server | >= 6.14.0, < 6.15.8 |
Related Weaknesses (CWE)
References
- https://confluence.atlassian.com/x/uAsvOgPatchVendor Advisory
- https://jira.atlassian.com/browse/CONFSERVER-58734Vendor Advisory
- https://confluence.atlassian.com/x/uAsvOgPatchVendor Advisory
- https://jira.atlassian.com/browse/CONFSERVER-58734Vendor Advisory
FAQ
What is CVE-2019-3394?
CVE-2019-3394 is a vulnerability with a CVSS score of 8.8 (HIGH). There was a local file disclosure vulnerability in Confluence Server and Confluence Data Center via page exporting. An attacker with permission to editing a page is able to exploit this issue to read ...
How severe is CVE-2019-3394?
CVE-2019-3394 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-3394?
Check the references section above for vendor advisories and patch information. Affected products include: Atlassian Confluence, Atlassian Confluence Server.