There was a local file disclosure vulnerability in Confluence Server and Confluence Data Center via page exporting. An attacker with permission to editing a page is able to exploit this issue to read arbitrary file on the server under <install-directory>/confluence/WEB-INF directory, which may contain configuration files used for integrating with other services, which could potentially leak credentials or other sensitive information such as LDAP credentials. The LDAP credential will be potentially leaked only if the Confluence server is configured to use LDAP as user repository. All versions of Confluence Server from 6.1.0 before 6.6.16 (the fixed version for 6.6.x), from 6.7.0 before 6.13.7 (the fixed version for 6.13.x), and from 6.14.0 before 6.15.8 (the fixed version for 6.15.x) are affected by this vulnerability.

According to its self-reported version number, the Atlassian Confluence application running on the remote host is 6.1.x < 6.6.16, 6.7.x < 6.13.7 or 6.14.x < 6.15.8. It is, therefore, affected by a local file disclosure vulnerability in the page export function. A remote attacker who has Add Page space permission would be able to read arbitrary files in the <install-directory>/confluence/WEB-INF/ directory and it's subdirectories.

Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.

According to its self-reported version number, the Atlassian Confluence application running on the remote host is 6.1.x prior to 6.6.16, 6.7.x prior to 6.13.7, 6.14.x prior to 6.15.8. It is, therefore, affected by a local file disclosure vulnerability which exists in page export component. An authenticated, remote attacker with AddPage space permission can exploit this to read arbitrary files in the <install-directory>/confluence/WEB-INF directory.  

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
112878	Atlassian Confluence 6.14.x < 6.15.8 Local File Disclosure	Web App Scanning	Component Vulnerability	high
112877	Atlassian Confluence 6.7.x < 6.13.7 Local File Disclosure	Web App Scanning	Component Vulnerability	high
112876	Atlassian Confluence 6.1.x < 6.6.16 Local File Disclosure	Web App Scanning	Component Vulnerability	high
128548	Atlassian Confluence 6.1.x < 6.6.16 / 6.7.x < 6.13.7 / 6.14.x < 6.15.8 Local File Disclosure Vulnerability	Nessus	CGI abuses	high

Detections

Analytics

CVE-2019-3394

high

Tenable Plugins

high

high

high

high