Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2019-15006

Опубликовано: 19 дек. 2019
Источник: nvd
CVSS3: 6.5
CVSS2: 5.8
EPSS Низкий

Описание

There was a man-in-the-middle (MITM) vulnerability present in the Confluence Previews plugin in Confluence Server and Confluence Data Center. This plugin was used to facilitate communication with the Atlassian Companion application. The Confluence Previews plugin in Confluence Server and Confluence Data Center communicated with the Companion application via the atlassian-domain-for-localhost-connections-only.com domain name, the DNS A record of which points at 127.0.0.1. Additionally, a signed certificate for the domain was publicly distributed with the Companion application. An attacker in the position to control DNS resolution of their victim could carry out a man-in-the-middle (MITM) attack between Confluence Server (or Confluence Data Center) and the atlassian-domain-for-localhost-connections-only.com domain intended to be used with the Companion application. This certificate has been revoked, however, usage of the atlassian-domain-for-localhost-connections-only.com domain name was

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:atlassian:confluence:*:*:*:*:*:*:*:*
Версия от 6.11.0 (включая) до 6.13.10 (исключая)
cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*
Версия от 6.14.0 (включая) до 6.15.10 (исключая)
cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*
Версия от 7.0.1 (включая) до 7.0.5 (исключая)
cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*
Версия от 7.1.0 (включая) до 7.1.2 (исключая)

EPSS

Процентиль: 78%
0.01219
Низкий

6.5 Medium

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-913

Связанные уязвимости

github логотип

GHSA-86mx-982p-mgc2

github
около 3 лет назад

There was a man-in-the-middle (MITM) vulnerability present in the Confluence Previews plugin in Confluence Server and Confluence Data Center. This plugin was used to facilitate communication with the Atlassian Companion application. The Confluence Previews plugin in Confluence Server and Confluence Data Center communicated with the Companion application via the atlassian-domain-for-localhost-connections-only.com domain name, the DNS A record of which points at 127.0.0.1. Additionally, a signed certificate for the domain was publicly distributed with the Companion application. An attacker in the position to control DNS resolution of their victim could carry out a man-in-the-middle (MITM) attack between Confluence Server (or Confluence Data Center) and the atlassian-domain-for-localhost-connections-only.com domain intended to be used with the Companion application. This certificate has been revoked, however, usage of the atlassian-domain-for-localhost-connections-only.com domain name ...

EPSS

Процентиль: 78%
0.01219
Низкий

6.5 Medium

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-913