-
Bug
-
Resolution: Fixed
-
Highest
-
6.1.0, 6.4.0, 6.5.0, 6.6.0, 6.7.0, 6.8.0, 6.9.0, 6.10.0, 6.11.0, 6.12.0, 6.13.0, 6.14.0, 6.6.15, 6.13.6, 6.15.1, 6.15.7
-
Severity 1 - Critical
-
Confluence Server and Data Center had a local file disclosure vulnerability in the page export function. A remote attacker who has Add Page space permission would be able to read arbitrary files in the <install-directory>/confluence/WEB-INF/ directory and it's subdirectories, which may contain configuration files used for integrating with other services, which could potentially leak credentials or other sensitive information such as LDAP credentials. The LDAP credential will be potentially leaked only if the Confluence server LDAP credential is specified in atlassian-user.xml file, which is deprecated way of configure LDAP integration.
Affected versions:
- All versions of Confluence Server from 6.1.0 before 6.6.16 (the fixed version for 6.6.x), from 6.7.0 before 6.13.7 (the fixed version for 6.13.x), and from 6.14.0 before 6.15.8 (the fixed version for 6.15.x) are affected by this vulnerability.
Fix:
- Confluence Server and Data Center versions 6.15.8 is available for download from https://www.atlassian.com/software/confluence/download.
- Confluence Server and Data Center versions 6.6.16 and 6.13.7 are available for download from https://www.atlassian.com/software/confluence/download-archives .
For additional details, see the full advisory.
Workaround
Please see the full advisory for mitigation information.