CVE-2017-7415

CVE-2017-7415

EPSS 4.4%

Atlassian Confluence 6.x before 6.0.7 allows remote attackers to bypass authentication and read any blog or page via the drafts diff REST resource.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://jira.atlassian.com/browse/CONFSERVER-52222 https://packetstormsecurity.com/files/142330/Confluence-6.0.x-Information-Disclosure.html http://www.securityfocus.com/bid/97961