{
    "file_item": {
        "filepath": "security-advisories",
        "filename": "CERT-EU-SA2019-009.pdf"
    },
    "title": "Confluence Server Critical Remote Code Execution Vulnerability",
    "serial_number": "2019-009",
    "publish_date": "15-04-2019 12:07:00",
    "description": "A server-side template injection vulnerability has been discovered in Confluence Server and Data Center, in the Widget Connector. An attacker able to exploit this issue could achieve path traversal and remote code execution on systems that run a vulnerable version of Confluence Server or Data Center.",
    "url_title": "2019-009",
    "content_markdown": "---\ntitle: 'Confluence Server Critical Remote Code Execution Vulnerability'\nversion: '1.0'\nnumber: '2019-009'\ndate: 'April 15, 2019'\n---\n\n_History:_\n\n* _15/04/2019 --- v1.0 -- Initial publication_\n\n# Summary\n\nA server-side template injection vulnerability has been discovered in Confluence Server and Data Center, in the Widget Connector. An attacker able to exploit this issue could achieve _path traversal_ and _remote code execution_ on systems that run a vulnerable version of Confluence Server or Data Center [1].\n\n# Technical Details\n\nThe Widget Connector macro in affected versions of Atlassian Confluence Server allows remote attackers to achieve path traversal and remote code execution on a Confluence Server or Data Center instance via server-side template injection [2].\n\n# Products Affected\n\nAtlassian Confluence Server affected versions include:\n\n* before version 6.6.12 (the fixed version for 6.6.x),\n* from version 6.7.0 before 6.12.3 (the fixed version for 6.12.x),\n* from version 6.13.0 before 6.13.3 (the fixed version for 6.13.x),\n* from version 6.14.0 before 6.14.2 (the fixed version for 6.14.x).\n\n# Recommendations\n\nAtlassian recommends that you upgrade to the latest version (6.15.1). For a full description of the latest version of Confluence Server and Data Center, see the Release Notes [3]. You can download the latest version of Confluence from the Atlassian website [4].\n\nThe versions of Confluence Server that address the issues:\n\n* Confluence Server and Data Center version 6.15.1 can be downloaded from [4].\n* Confluence Server and Data Center versions 6.6.12, 6.12.3, 6.13.3 and 6.14.2 can be downloaded from [5].\n\nIf upgrading is not possible, see relevant instructions [6].\n\n# References\n\n[1] <https://jira.atlassian.com/browse/CONFSERVER-57974>\n\n[2] <https://nvd.nist.gov/vuln/detail/CVE-2019-3396#vulnCurrentDescriptionTitle>\n\n[3] <https://confluence.atlassian.com/doc/confluence-6-15-release-notes-965554120.html>\n\n[4] <https://www.atlassian.com/software/confluence/download>\n\n[5] <https://www.atlassian.com/software/confluence/download-archives>\n\n[6] <https://confluence.atlassian.com/doc/confluence-security-advisory-2019-03-20-966660264.html>\n",
    "content_html": "<p><em>History:</em></p><ul><li><em>15/04/2019 --- v1.0 -- Initial publication</em></li></ul><h2 id=\"summary\">Summary</h2><p>A server-side template injection vulnerability has been discovered in Confluence Server and Data Center, in the Widget Connector. An attacker able to exploit this issue could achieve <em>path traversal</em> and <em>remote code execution</em> on systems that run a vulnerable version of Confluence Server or Data Center [1].</p><h2 id=\"technical-details\">Technical Details</h2><p>The Widget Connector macro in affected versions of Atlassian Confluence Server allows remote attackers to achieve path traversal and remote code execution on a Confluence Server or Data Center instance via server-side template injection [2].</p><h2 id=\"products-affected\">Products Affected</h2><p>Atlassian Confluence Server affected versions include:</p><ul><li>before version 6.6.12 (the fixed version for 6.6.x),</li><li>from version 6.7.0 before 6.12.3 (the fixed version for 6.12.x),</li><li>from version 6.13.0 before 6.13.3 (the fixed version for 6.13.x),</li><li>from version 6.14.0 before 6.14.2 (the fixed version for 6.14.x).</li></ul><h2 id=\"recommendations\">Recommendations</h2><p>Atlassian recommends that you upgrade to the latest version (6.15.1). For a full description of the latest version of Confluence Server and Data Center, see the Release Notes [3]. You can download the latest version of Confluence from the Atlassian website [4].</p><p>The versions of Confluence Server that address the issues:</p><ul><li>Confluence Server and Data Center version 6.15.1 can be downloaded from [4].</li><li>Confluence Server and Data Center versions 6.6.12, 6.12.3, 6.13.3 and 6.14.2 can be downloaded from [5].</li></ul><p>If upgrading is not possible, see relevant instructions [6].</p><h2 id=\"references\">References</h2><p>[1] <a rel=\"noopener\" target=\"_blank\" href=\"https://jira.atlassian.com/browse/CONFSERVER-57974\">https://jira.atlassian.com/browse/CONFSERVER-57974</a></p><p>[2] <a rel=\"noopener\" target=\"_blank\" href=\"https://nvd.nist.gov/vuln/detail/CVE-2019-3396#vulnCurrentDescriptionTitle\">https://nvd.nist.gov/vuln/detail/CVE-2019-3396#vulnCurrentDescriptionTitle</a></p><p>[3] <a rel=\"noopener\" target=\"_blank\" href=\"https://confluence.atlassian.com/doc/confluence-6-15-release-notes-965554120.html\">https://confluence.atlassian.com/doc/confluence-6-15-release-notes-965554120.html</a></p><p>[4] <a rel=\"noopener\" target=\"_blank\" href=\"https://www.atlassian.com/software/confluence/download\">https://www.atlassian.com/software/confluence/download</a></p><p>[5] <a rel=\"noopener\" target=\"_blank\" href=\"https://www.atlassian.com/software/confluence/download-archives\">https://www.atlassian.com/software/confluence/download-archives</a></p><p>[6] <a rel=\"noopener\" target=\"_blank\" href=\"https://confluence.atlassian.com/doc/confluence-security-advisory-2019-03-20-966660264.html\">https://confluence.atlassian.com/doc/confluence-security-advisory-2019-03-20-966660264.html</a></p>",
    "licence": {
        "title": "Creative Commons Attribution 4.0 International (CC-BY 4.0)",
        "link": "https://creativecommons.org/licenses/by/4.0/",
        "restrictions": "https://cert.europa.eu/legal-notice",
        "author": "The Cybersecurity Service for the Union institutions, bodies, offices and agencies"
    }
}