Vulnerability-Lookup

BDU:2024-00702

Vulnerability from fstec - Published: 16.01.2024

Title

Уязвимость веб-сервера Atlassian Confluence Server и дата центра Confluence Data Center, связанная с недостаточной проверкой вводимых данных, позволяющая нарушителю раскрыть защищаемую информацию

Description

Уязвимость веб-сервера Atlassian Confluence Server и дата центра Confluence Data Center связана с недостаточной проверкой вводимых данных. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, раскрыть защищаемую информацию

Severity ?


                    
                      AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

Vendor

Atlassian

Software Name

Jira Data Center, Confluence Server

Software Version

от 8.5.0 до 8.5.5 (Jira Data Center), от 8.7.0 до 8.7.2 (Jira Data Center), от 8.5.0 до 8.5.5 (Confluence Server), от 8.7.0 до 8.7.2 включительно (Confluence Server), от 7.19.0 до 19.07.18 (Jira Data Center), от 7.19 до 7.19.18 (Confluence Server)

Possible Mitigations

Использование рекомендаций: https://jira.atlassian.com/browse/CONFSERVER-94066

Reference

https://jira.atlassian.com/browse/CONFSERVER-94066 https://confluence.atlassian.com/security/security-bulletin-january-16-2024-1333335615.html https://safe-surf.ru/upload/VULN-new/VULN.2024-01-19.1.pdf

CWE

CWE-94

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
  "CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Atlassian",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u043e\u0442 8.5.0 \u0434\u043e 8.5.5 (Jira Data Center), \u043e\u0442 8.7.0 \u0434\u043e 8.7.2 (Jira Data Center), \u043e\u0442 8.5.0 \u0434\u043e 8.5.5 (Confluence Server), \u043e\u0442 8.7.0 \u0434\u043e 8.7.2 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Confluence Server), \u043e\u0442 7.19.0 \u0434\u043e 19.07.18 (Jira Data Center), \u043e\u0442 7.19 \u0434\u043e 7.19.18 (Confluence Server)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://jira.atlassian.com/browse/CONFSERVER-94066",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "16.01.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "25.01.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "25.01.2024",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2024-00702",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2024-21674",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Jira Data Center, Confluence Server",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u0435\u0431-\u0441\u0435\u0440\u0432\u0435\u0440\u0430 Atlassian Confluence Server \u0438 \u0434\u0430\u0442\u0430 \u0446\u0435\u043d\u0442\u0440\u0430 Confluence Data Center, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044c \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0432\u0435\u0440\u043d\u043e\u0435 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0433\u0435\u043d\u0435\u0440\u0430\u0446\u0438\u0435\u0439 \u043a\u043e\u0434\u0430 (\u0412\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430) (CWE-94)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u0435\u0431-\u0441\u0435\u0440\u0432\u0435\u0440\u0430 Atlassian Confluence Server \u0438 \u0434\u0430\u0442\u0430 \u0446\u0435\u043d\u0442\u0440\u0430 Confluence Data Center \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044c \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u0418\u043d\u044a\u0435\u043a\u0446\u0438\u044f",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://jira.atlassian.com/browse/CONFSERVER-94066\nhttps://confluence.atlassian.com/security/security-bulletin-january-16-2024-1333335615.html\nhttps://safe-surf.ru/upload/VULN-new/VULN.2024-01-19.1.pdf",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-94",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,8)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 8,6)"
}

CVE-2024-21674 (GCVE-0-2024-21674)

Vulnerability from cvelistv5 – Published: 2024-01-16 05:00 – Updated: 2024-08-29 14:38

Summary

This High severity Remote Code Execution (RCE) vulnerability was introduced in version 7.13.0 of Confluence Data Center and Server. Remote Code Execution (RCE) vulnerability, with a CVSS Score of 8.6 and a CVSS Vector of CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N allows an unauthenticated attacker to expose assets in your environment susceptible to exploitation which has high impact to confidentiality, no impact to integrity, no impact to availability, and does not require user interaction. Atlassian recommends that Confluence Data Center and Server customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions: * Confluence Data Center and Server 7.19: Upgrade to a release 7.19.18, or any higher 7.19.x release * Confluence Data Center and Server 8.5: Upgrade to a release 8.5.5 or any higher 8.5.x release * Confluence Data Center and Server 8.7: Upgrade to a release 8.7.2 or any higher release See the release notes (https://confluence.atlassian.com/doc/confluence-release-notes-327.html ). You can download the latest version of Confluence Data Center and Server from the download center (https://www.atlassian.com/software/confluence/download-archives ).

Severity ?

8.6 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

CWE

RCE (Remote Code Execution)

Assigner

atlassian

References

URL

Tags

https://jira.atlassian.com/browse/CONFSERVER-94066

Impacted products

Vendor

Product

Version

Atlassian

Confluence Data Center

Unaffected: < 7.19.0
Affected: >= 7.19.0
Affected: >= 8.0.0
Affected: >= 8.1.0
Affected: >= 8.2.0
Affected: >= 8.3.0
Affected: >= 8.4.0
Affected: >= 8.5.0
Affected: >= 8.6.0
Affected: >= 8.7.1
Unaffected: >= 7.19.18
Unaffected: >= 8.5.5
Unaffected: >= 8.7.2

Atlassian

Confluence Server

Credits

DDV_UA

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T22:27:36.170Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://jira.atlassian.com/browse/CONFSERVER-94066"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-21674",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-29T14:37:34.659948Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-94",
                "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-29T14:38:32.248Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Confluence Data Center",
          "vendor": "Atlassian",
          "versions": [
            {
              "status": "unaffected",
              "version": "\u003c 7.19.0"
            },
            {
              "status": "affected",
              "version": "\u003e= 7.19.0"
            },
            {
              "status": "affected",
              "version": "\u003e= 8.0.0"
            },
            {
              "status": "affected",
              "version": "\u003e= 8.1.0"
            },
            {
              "status": "affected",
              "version": "\u003e= 8.2.0"
            },
            {
              "status": "affected",
              "version": "\u003e= 8.3.0"
            },
            {
              "status": "affected",
              "version": "\u003e= 8.4.0"
            },
            {
              "status": "affected",
              "version": "\u003e= 8.5.0"
            },
            {
              "status": "affected",
              "version": "\u003e= 8.6.0"
            },
            {
              "status": "affected",
              "version": "\u003e= 8.7.1"
            },
            {
              "status": "unaffected",
              "version": "\u003e= 7.19.18"
            },
            {
              "status": "unaffected",
              "version": "\u003e= 8.5.5"
            },
            {
              "status": "unaffected",
              "version": "\u003e= 8.7.2"
            }
          ]
        },
        {
          "product": "Confluence Server",
          "vendor": "Atlassian",
          "versions": [
            {
              "status": "unaffected",
              "version": "\u003c 7.19.0"
            },
            {
              "status": "affected",
              "version": "\u003e= 7.19.0"
            },
            {
              "status": "affected",
              "version": "\u003e= 8.0.0"
            },
            {
              "status": "affected",
              "version": "\u003e= 8.1.0"
            },
            {
              "status": "affected",
              "version": "\u003e= 8.2.0"
            },
            {
              "status": "affected",
              "version": "\u003e= 8.3.0"
            },
            {
              "status": "affected",
              "version": "\u003e= 8.4.0"
            },
            {
              "status": "affected",
              "version": "\u003e= 8.5.0"
            },
            {
              "status": "affected",
              "version": "\u003e= 8.6.0"
            },
            {
              "status": "affected",
              "version": "\u003e= 8.7.1"
            },
            {
              "status": "unaffected",
              "version": "\u003e= 7.19.18"
            },
            {
              "status": "unaffected",
              "version": "\u003e= 8.5.5"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "DDV_UA"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "This High severity Remote Code Execution (RCE) vulnerability was introduced in version 7.13.0 of Confluence Data Center and Server.\n\nRemote Code Execution (RCE) vulnerability, with a CVSS Score of 8.6 and a CVSS Vector of CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N allows an unauthenticated attacker to expose assets in your environment susceptible to exploitation which has high impact to confidentiality, no impact to integrity, no impact to availability, and does not require user interaction.\n\nAtlassian recommends that Confluence Data Center and Server customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions:\n\n* Confluence Data Center and Server 7.19: Upgrade to a release 7.19.18, or any higher 7.19.x release\n* Confluence Data Center and Server 8.5: Upgrade to a release 8.5.5 or any higher 8.5.x release\n* Confluence Data Center and Server 8.7: Upgrade to a release 8.7.2 or any higher release\n\nSee the release notes (https://confluence.atlassian.com/doc/confluence-release-notes-327.html ). You can download the latest version of Confluence Data Center and Server from the download center (https://www.atlassian.com/software/confluence/download-archives )."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "RCE (Remote Code Execution)",
              "lang": "en",
              "type": "RCE (Remote Code Execution)"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-16T17:00:02.134Z",
        "orgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
        "shortName": "atlassian"
      },
      "references": [
        {
          "url": "https://jira.atlassian.com/browse/CONFSERVER-94066"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66",
    "assignerShortName": "atlassian",
    "cveId": "CVE-2024-21674",
    "datePublished": "2024-01-16T05:00:00.639Z",
    "dateReserved": "2024-01-01T00:05:33.845Z",
    "dateUpdated": "2024-08-29T14:38:32.248Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

BDU:2024-00702

CVE-2024-21674 (GCVE-0-2024-21674)

Tags

Sightings

Nomenclature