The usage of Tomcat in Confluence on the Microsoft Windows operating system before version 7.0.5, and from version 7.1.0 before version 7.1.1 allows local system attackers who have permission to write a DLL file in a directory in the global path environmental variable variable to inject code & escalate their privileges via a DLL hijacking vulnerability.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://jira.atlassian.com/browse/CONFSERVER-59428 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: atlassian
Published: 2020-02-06T03:10:28.891775Z
Updated: 2024-09-16T23:21:49.035Z
Reserved: 2020-01-23T00:00:00
Link: CVE-2019-20406
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-02-06T03:15:10.747
Modified: 2024-11-21T04:38:24.457
Link: CVE-2019-20406
Redhat
No data.