← ExploitWatch
HomeExploited Vulnerabilities

CVE-2019-3398 — Actively Exploited: Confluence Server and Data Center (Atlassian)

Atlassian Confluence Server and Data Center contain a path traversal vulnerability in the downloadallattachments resource that may allow a privileged, remote attacker to write files. Exploitation can lead to remote code execution.

CVE IDCVE-2019-3398
VendorAtlassian
ProductConfluence Server and Data Center
Vulnerability nameAtlassian Confluence Server and Data Center Path Traversal Vulnerability
Date added2021-11-03
Remediation due2022-05-03
Known ransomware useUnknown
Required actionApply updates per vendor instructions.
DescriptionAtlassian Confluence Server and Data Center contain a path traversal vulnerability in the downloadallattachments resource that may allow a privileged, remote attacker to write files. Exploitation can lead to remote code execution.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →