CVE-2020-29445
07.05.2021, 06:15
Affected versions of Confluence Server before 7.4.8, and versions from 7.5.0 before 7.11.0 allow attackers to identify internal hosts and ports via a blind server-side request forgery vulnerability in Team Calendars parameters.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| atlassian | confluence_server | 𝑥 < 7.4.8 |
| atlassian | confluence_server | 7.5.0 ≤ 𝑥 < 7.11.0 |
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
| Vendor | Product | Version | Source |
|---|---|---|---|
| atlassian | confluence | 𝑥 < 7.4.8 | CNA |
| atlassian | confluence | 7.5.0 | CNA |
| atlassian | confluence | 𝑥 < 7.11.0 | CNA |