High severity7.5NVD Advisory· Published Apr 27, 2017· Updated May 13, 2026
CVE-2017-7415
CVE-2017-7415
Description
Atlassian Confluence 6.x before 6.0.7 allows remote attackers to bypass authentication and read any blog or page via the drafts diff REST resource.
Affected products
7cpe:2.3:a:atlassian:confluence_server:6.0.0:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:atlassian:confluence_server:6.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:confluence_server:6.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:confluence_server:6.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:confluence_server:6.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:confluence_server:6.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:confluence_server:6.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:confluence_server:6.0.6:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- packetstormsecurity.com/files/142330/Confluence-6.0.x-Information-Disclosure.htmlnvdExploitThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/97961nvdThird Party AdvisoryVDB Entry
- jira.atlassian.com/browse/CONFSERVER-52222nvdIssue TrackingVendor Advisory
News mentions
0No linked articles in our index yet.