CVE-2020-29448
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2020-29448
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The ConfluenceResourceDownloadRewriteRule class in Confluence Server and Confluence Data Center before version 6.13.18, from 6.14.0 before 7.4.6, and from 7.5.0 before 7.8.3 allowed unauthenticated remote attackers to read arbitrary files within WEB-INF and META-INF directories via an incorrect path access check.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Atlassian Confluence Server 和 Confluence Data Center 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Atlassian Confluence Server和Atlassian Confluence都是澳大利亚Atlassian公司的产品。Atlassian Confluence Server是一套具有企业知识管理功能,并支持用于构建企业WiKi的协同软件的服务器版本。Atlassian Confluence是一套专业的企业知识管理与协同软件,也可以用于构建企业WiKi。 Confluence Server and Confluence Data Center 存在安全漏洞,该漏洞源于Confluence
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Atlassian | Confluence Server | unspecified ~ 6.13.18 | - | |
| Atlassian | Confluence Data Center | unspecified ~ 6.13.18 | - |
II. Public POCs for CVE-2020-29448
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2020-29448
请登录查看更多情报信息。
- https://jira.atlassian.com/browse/CONFSERVER-60469x_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2020-29448
Same Patch Batch · Atlassian · 2021-02-18 · 4 CVEs total
| CVE-2021-26068 | Atlassian JIRA Server 注入漏洞 | |
| CVE-2020-36233 | Atlassian Bitbucket Server and Data Center 安全漏洞 | |
| CVE-2020-29453 | Atlassian Jira Server 和 Jira Data Center 路径遍历漏洞 |
IV. Related Vulnerabilities
V. Comments for CVE-2020-29448
No comments yet