Uploaded image for project: 'Confluence Server'
  1. Confluence Server
  2. CONFSERVER-58734

Local File Disclosure via Word Export in Confluence Server - CVE-2019-3394

    XMLWordPrintable

    Details

      Description

      Confluence Server and Data Center had a local file disclosure vulnerability in the page export function. A remote attacker who has Add Page space permission would be able to read arbitrary files in the <install-directory>/confluence/WEB-INF/ directory and it's subdirectories, which may contain configuration files used for integrating with other services, which could potentially leak credentials or other sensitive information such as LDAP credentials. The LDAP credential will be potentially leaked only if the Confluence server LDAP credential is specified in atlassian-user.xml file, which is deprecated way of configure LDAP integration.

      Affected versions:

      • All versions of Confluence Server from 6.1.0 before 6.6.16 (the fixed version for 6.6.x), from 6.7.0 before 6.13.7 (the fixed version for 6.13.x), and from 6.14.0 before 6.15.8 (the fixed version for 6.15.x) are affected by this vulnerability.

      Fix:

      For additional details, see the full advisory.

      Workaround

      Please see the full advisory for mitigation information.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned
              Reporter:
              mchang@atlassian.com Ming Chang
              Votes:
              0 Vote for this issue
              Watchers:
              13 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: