Divd 2023 00045 #730

Merged 2 commits on Apr 15, 2024
8 changes: 6 additions & 2 deletions _cases/2023/DIVD-2023-00042.md
@@ -1,6 +1,7 @@
---
layout: case
# Title and excerpt will be used on /cases and the RSS feed so make sure they reflect the case well
ips: n/a
title: "Confluence improper authorization vulnerability"
excerpt: "Confluence Data Center and Server allow unauthorized users to set Confluence in setup mode leading to the possibility to create administrator accounts that have the capabilities for RCE"
author: Wessel Baltus
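Review bot: `ips: n/a` is added at the top of the front matter while the commented `#ips:` placeholder block further down in this file is kept, so the same field now has two homes; drop the placeholder now that the real key is set. The placeholder comment reserves n/a for cases where IPs are not applicable, but this case is merged into DIVD-2023-00045, which carries `ips: 1032`, so a short comment next to the value (e.g. `ips: n/a # counted under DIVD-2023-00045`) would make clear that the IPs are tracked there rather than absent.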
Expand All @@ -19,9 +20,9 @@ versions:
recommendation: "Upgrade to patched versions stated on atlassian website"
patch_status: Fully patched
#workaround: n/a
status : Open
status : Closed
start: 2023-11-11
end:
end: 2024-04-14
timeline:
- start: 2023-10-31
end:
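Review bot: the new `end: 2024-04-14` has no matching timeline event in this file; the last entry in the timeline is the 2023-12-14 merge into DIVD-2023-00045, so a reader cannot tell why the case closes four months later. Either add an entry for 2024-04-14 (e.g. `event: "Closed together with DIVD-2023-00045"`) or close the case on the merge date. Also, `status : Closed` keeps the stray space before the colon that no other key in this front matter uses; since the line is already being rewritten, `status: Closed` is the cleaner form.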
Expand All @@ -35,6 +36,9 @@ timeline:
- start: 2023-11-22
end:
event: "First version of this case file"
- start: 2023-12-14
end:
event: "Because of overlap merged with DIVD-2023-00045"
#ips:
# ips is used for statistics after the case is closed. If it is not applicable, you can set IPs to n/a (e.g. stolen credentials)
# This field becomes mandatory when the case status is set to 'Closed'
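Review bot: the new event text "Because of overlap merged with DIVD-2023-00045" reads awkwardly and leaves the direction of the merge implicit; suggest `event: "Merged into DIVD-2023-00045 because of overlap"`. Both case files stay in the repository and both are closed in this PR, so stating which one is the surviving record helps anyone reading the case list later.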
13 changes: 10 additions & 3 deletions _cases/2023/DIVD-2023-00045.md
@@ -1,6 +1,7 @@
---
layout: case
# Title and excerpt will be used on /cases and the RSS feed so make sure they reflect the case well
ips: 1032
title: "Confluence RCE Vulnerability In Confluence Data Center and Confluence Server"
excerpt: "Confluence Data Center and Server RCE vulnerability allow an authorized user, including one with anonymous access, to inject unsafe user input into a Confluence page"
author: Wessel Baltus
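Review bot: `ips: 1032` is set without saying which scan the figure comes from; the timeline in this file records an identification of vulnerable devices on 2023-12-20 and a rescan on 2024-04-14, and the per-file comment says the value feeds statistics after the case is closed. Add a comment next to the value naming the scan (e.g. `ips: 1032 # count from the <scan date> scan`) so the number stays interpretable once the case is archived.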
Expand All @@ -20,9 +21,9 @@ versions:
recommendation: "Upgrade to patched versions stated on Atlassian website"
patch_status: Fully patched
#workaround: n/a
status : Open
status : Closed
start: 2023-12-05
end:
end: 2024-04-14
timeline:
- start: 2023-12-05
end:
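Review bot: `status : Closed` keeps the space before the colon, unlike every other key in this front matter; since the line is rewritten anyway, `status: Closed` would be consistent. The `end: 2024-04-14` date does line up with the rescan-and-close timeline entry added later in this file, which is good.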
Expand All @@ -38,7 +39,13 @@ timeline:
event: "First version of this case file"
- start: 2023-12-20
end:
event: "DIVD identified vulnerable devices"
event: "DIVD identified vulnerable devices"
- start: 2023-12-20
end:
event: "DIVD send out first mailrun"
- start: 2024-04-14
end:
event: "DIVD did rescan and closed case"
#ips:
# ips is used for statistics after the case is closed. If it is not applicable, you can set IPs to n/a (e.g. stolen credentials)
# This field becomes mandatory when the case status is set to 'Closed'
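Review bot: the `event: "DIVD identified vulnerable devices"` line is removed and re-added verbatim, which suggests a whitespace or line-ending change; if a trailing space was stripped that is fine, otherwise the no-op pair is noise in the diff. In the new entries, "DIVD send out first mailrun" should read "DIVD sent out first mail run", and "DIVD did rescan and closed case" reads better as "DIVD rescanned and closed the case".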