From 1f54487ecaa72905b2d65e8b9ea6a2b656a91f2f Mon Sep 17 00:00:00 2001 From: Wessel Date: Fri, 15 Dec 2023 13:18:02 +0100 Subject: [PATCH] Fixed timeline and spelling issues --- _cases/2023/DIVD-2023-00042.md | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/_cases/2023/DIVD-2023-00042.md b/_cases/2023/DIVD-2023-00042.md index c26311d6..8772c475 100644 --- a/_cases/2023/DIVD-2023-00042.md +++ b/_cases/2023/DIVD-2023-00042.md @@ -6,7 +6,7 @@ excerpt: "Confluence Data Center and Server allow unauthorized users to set Conf author: Wessel Baltus lead: Wessel Baltus researchers: -- Max van der horst +- Max van der Horst - Wessel Baltus # You can use free text here as well. E.g. to indicate that some vulnerabilities don't have CVEs assigned (yet). cves: @@ -15,7 +15,7 @@ product: - Confluence Data Center - Confluence Server versions: -- all versions prior to 7.19.16, 8.3.4, 8.4.4, 8.5.3, 8.6.1 +- All versions prior to 7.19.16, 8.3.4, 8.4.4, 8.5.3, 8.6.1 recommendation: "Upgrade to patched versions stated on atlassian website" patch_status: Fully patched #workaround: n/a @@ -32,7 +32,7 @@ timeline: - start: 2023-11-20 end: event: "DIVD created a list of vulnerable Confluence instancess" -- start: 2022-11-22 +- start: 2023-11-22 end: event: "First version of this case file" #ips: @@ -41,7 +41,7 @@ timeline: --- ## Summary ​ -An improper authorization vulnerability has been identified inside Atlassian Confluence versions before (7.19.16; 8.3.4; 8.4.4; 8.5.3; 8.6.1). this allows an unauthorized user to set the Confluence server in setup-up mode, and using this setup mode create administrator accounts which can be used to facilitate remote code execution" +An improper authorization vulnerability has been identified inside Atlassian Confluence versions before (7.19.16; 8.3.4; 8.4.4; 8.5.3; 8.6.1). This allows an unauthorized user to set the Confluence server in setup-up mode, and using this setup mode create administrator accounts which can be used to facilitate remote code execution" ​ ## What you can do ​ @@ -59,5 +59,4 @@ DIVD is currently working to identify vulnerable parties and notify these. ​ ## More information * List all resources here -* [Blog from Grafana](https://grafana.com/blog/2021/12/08/an-update-on-0day-cve-2021-43798-grafana-directory-traversal/) -* [CVE-2021-43798](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43798) +* https://confluence.atlassian.com/security/cve-2023-22518-improper-authorization-vulnerability-in-confluence-data-center-and-server-1311473907.html