Divd 2023 00042 #688
Conversation
_cases/2023/DIVD-2023-00042.md
Outdated
- Confluence Data Center | ||
- Confluence Server | ||
versions: | ||
- all versions affected |
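Review bot: `versions: - all versions affected` leaves the affected range unspecified, while the summary further down in the same file names the fixed releases (7.19.16, 8.3.4, 8.4.4, 8.5.3, 8.6.1); state the range here as every release before those, e.g. `- all versions before 7.19.16, 8.3.4, 8.4.4, 8.5.3 and 8.6.1`, so the front-matter and the summary agree and readers can match their own version against it.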
and those versions are? if all versions up to current please list as everything prior to
_cases/2023/DIVD-2023-00042.md
Outdated
layout: case | ||
# Title and excerpt will be used on /cases and the RSS feed so make sure they reflect the case well | ||
title: "Confluence improper authorization vulnerability" | ||
excerpt: "Confluence Data Center and Server allow unauthorized user to set Confluence in setup mode leading to the possibility to create administrator accounts that have the capabilities for RCE" |
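Review bot: the excerpt runs the whole attack chain into one sentence with "leading to the possibility to create ... that have the capabilities for RCE", which is hard to read in the /cases listing and RSS feed the comment above says it feeds. Suggest `excerpt: "Confluence Data Center and Server allow unauthorized users to put Confluence into setup mode and create administrator accounts, which can then be used for remote code execution"`.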
unauthorized user -> users
_cases/2023/DIVD-2023-00042.md
Outdated
versions: | ||
- all versions affected | ||
recommendation: "Upgrade to patched versions stated on atlassian website" | ||
patch_status: Full patched |
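Review bot: `recommendation` defers to "patched versions stated on atlassian website" without naming them or linking the advisory, although the fixed releases are already given in the summary below (7.19.16, 8.3.4, 8.4.4, 8.5.3, 8.6.1); state them here, e.g. `recommendation: "Upgrade to Confluence 7.19.16, 8.3.4, 8.4.4, 8.5.3, 8.6.1 or later"`, and capitalise Atlassian. The `versions: - all versions affected` line shown in this block has the same gap as in the earlier block and should carry the same range.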
Fully*
_cases/2023/DIVD-2023-00042.md
Outdated
--- | ||
## Summary | ||
| ||
An improper authorization vulnerability has been identified inside Atlassian Confluence versions before (7.19.16; 8.3.4; 8.4.4; 8.5.3; 8.6.1). this allows an unauthorized used to set the Confluence server in setup-up mode, and using this setup mode create administrator accounts which can be used to facilitate remote code execution" |
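Review bot: the summary paragraph ends with a stray closing double quote after "remote code execution", the second sentence starts lowercase ("this allows") after the parenthesised version list, and "set-up mode" should be "setup mode" to match the excerpt. Suggest: `An improper authorization vulnerability has been identified in Atlassian Confluence versions before 7.19.16, 8.3.4, 8.4.4, 8.5.3 and 8.6.1. This allows an unauthorized user to put the Confluence server into setup mode and, from there, create administrator accounts that can be used for remote code execution.`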
unauthorized used -> user
_cases/2023/DIVD-2023-00042.md
Outdated
## What we are doing | ||
| ||
DIVD is currently working to identify vulnerable parties and notify these. | ||
We do this by scanning for exposed Atlassian Confluence instances and examining this instance to determine whether the vulnerability is present. |
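Review bot: the section says exposed instances are examined "to determine whether the vulnerability is present" but not how. Since the case file defines vulnerability by version range, state whether the check reads the version the instance reports and compares it against the fixed releases named in the summary, or probes the setup mode itself; affected parties will want to know which, and a version-only check is the one that can be reproduced from the case file as written. Also "notify these" reads better as "notify them".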
this instance -> these instances
Add case file for DIVD-2023-0042 Confluence improper auth