Atlassian Confluence 6.14.2

CPE Details

Atlassian Confluence 6.14.2
6.14.2
2019-03-27
16h18 +00:00
2021-12-13
15h03 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:atlassian:confluence:6.14.2:*:*:*:*:*:*:*

Informations

Vendor

atlassian

Product

confluence

Version

6.14.2

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2020-4027 2020-07-01 01h35 +00:00 Affected versions of Atlassian Confluence Server and Data Center allowed remote attackers with system administration permissions to bypass velocity template injection mitigations via an injection vulnerability in custom user macros. The affected versions are before version 7.4.5, and from version 7.5.0 before 7.5.1.
4.7
Medium
CVE-2019-20406 2020-02-06 03h10 +00:00 The usage of Tomcat in Confluence on the Microsoft Windows operating system before version 7.0.5, and from version 7.1.0 before version 7.1.1 allows local system attackers who have permission to write a DLL file in a directory in the global path environmental variable variable to inject code & escalate their privileges via a DLL hijacking vulnerability.
7.8
High
CVE-2019-15005 2019-11-08 03h55 +00:00 The Atlassian Troubleshooting and Support Tools plugin prior to version 1.17.2 allows an unprivileged user to initiate periodic log scans and send the results to a user-specified email address due to a missing authorization check. The email message may contain configuration information about the application that the plugin is installed into. A vulnerable version of the plugin is included with Bitbucket Server / Data Center before 6.6.0, Confluence Server / Data Center before 7.0.1, Jira Server / Data Center before 8.3.2, Crowd / Crowd Data Center before 3.6.0, Fisheye before 4.7.2, Crucible before 4.7.2, and Bamboo before 6.10.2.
4.3
Medium