CVE-2019-3396

Atlassian | Confluence Server and Data ServerAdded 2021-11-03Remediation Deadline 2022-05-03Active Ransomware Campaign

Atlassian Confluence Server and Data Center Server-Side Template Injection Vulnerability

Atlassian Confluence Server and Data Center contain a server-side template injection vulnerability that may allow an attacker to achieve path traversal and remote code execution.

Required Action

Apply updates per vendor instructions.

Weakness Classification

CWE-22

References

https://nvd.nist.gov/vuln/detail/CVE-2019-3396

Cybersecurity Alerts

CVE-2019-3396

Atlassian Confluence Server and Data Center Server-Side Template Injection Vulnerability

Required Action

Weakness Classification

References