Divd 2023 00042 #688

Merged
merged 4 commits into from
Nov 28, 2023

Conversation

WesselDIVD (Contributor):

Add casefile for DIVD-2023-0042 Confluence improper auth

- Confluence Data Center
- Confluence Server
versions:
- all versions affected
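
Review bot: `- all versions affected` contradicts the summary further down in this case file, which names the fixed releases (7.19.16; 8.3.4; 8.4.4; 8.5.3; 8.6.1); state the affected range relative to those, e.g. `- all versions prior to 7.19.16, 8.3.4, 8.4.4, 8.5.3 and 8.6.1`, so a reader can check their own instance against a concrete version instead of a blanket statement.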
Collaborator:

And those versions are? If all versions up to current, please list as everything prior to

layout: case
# Title and excerpt will be used on /cases and the RSS feed so make sure they reflect the case well
title: "Confluence improper authorization vulnerability"
excerpt: "Confluence Data Center and Server allow unauthorized user to set Confluence in setup mode leading to the possibility to create administrator accounts that have the capabilities for RCE"
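
Review bot: the `excerpt` is one long clause and is shown on its own on /cases and in the RSS feed, so it should read as a complete sentence; besides the plural `users`, "leading to the possibility to create administrator accounts that have the capabilities for RCE" reads awkwardly, e.g. "allow unauthorized users to put Confluence into setup mode and create administrator accounts, which can then be used for remote code execution". Spell out RCE on first use for the same reason.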
Collaborator:

unauthorized user -> users

versions:
- all versions affected
recommendation: "Upgrade to patched versions stated on atlassian website"
patch_status: Full patched
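
Review bot: the recommendation names no concrete target: "Upgrade to patched versions stated on atlassian website" gives neither the versions nor a link. The fixed releases are already in the summary (7.19.16; 8.3.4; 8.4.4; 8.5.3; 8.6.1), so repeat them here and link the Atlassian advisory, e.g. `recommendation: "Upgrade to 7.19.16, 8.3.4, 8.4.4, 8.5.3, 8.6.1 or later; see the Atlassian advisory"`, and capitalise Atlassian. `patch_status: Full patched` should read `Fully patched`.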
Collaborator:

Fully*

---
## Summary
An improper authorization vulnerability has been identified inside Atlassian Confluence versions before (7.19.16; 8.3.4; 8.4.4; 8.5.3; 8.6.1). this allows an unauthorized used to set the Confluence server in setup-up mode, and using this setup mode create administrator accounts which can be used to facilitate remote code execution"
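
Review bot: besides "unauthorized used", the summary ends with a stray closing quote, "setup-up mode" should be "setup mode", and "this allows" after the full stop should start with a capital. The parenthesised list also reads as a list of affected versions while it actually names the fixed releases; phrase it as "Atlassian Confluence Data Center and Server versions prior to 7.19.16, 8.3.4, 8.4.4, 8.5.3 and 8.6.1" so it matches the `versions` field and cannot be misread.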
Collaborator:

unauthorized used -> user

## What we are doing
DIVD is currently working to identify vulnerable parties and notify these.
We do this by scanning for exposed Atlassian Confluence instances and examining this instance to determine whether the vulnerability is present.
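
Review bot: "notify these" should be "notify them", and "examining this instance" should be plural to match "instances" earlier in the sentence, e.g. "We do this by scanning for exposed Atlassian Confluence instances and examining them to determine whether the vulnerability is present."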
Collaborator:

this instance -> these instances

@Maximand Maximand merged commit 3f38489 into DIVD-NL:main Nov 28, 2023
2 checks passed