[CONFSERVER-47215] Answers is vulnerable to BREACH (SSL/HTTP gzip) attack - Create and track feature requests for Atlassian products.

Type: Bug
Resolution: Won't Fix
Priority: Low
Fix Version/s: None
Affects Version/s: No-Version
Component/s: Apps - Confluence Questions
Labels:

Symptom Severity:
Severity 3 - Minor
Bug Fix Policy:
View Atlassian Server bug fix policy

NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report.

This is an external report, and not a high priority - certainly much lower impact than ~~ANSWERS-648~~.

This issue was reported by Nakul Mohan <edwardmaya618@gmail.com>, 11 May - the email is too long to reproduce here.

An attacker with the ability to:

Inject partial chosen plaintext into a victim's requests
Measure the size of encrypted traffic
can leverage information leaked by compression to recover targeted parts of the plaintext.

This can be attacked by using the reflected values in /search/ to leak the CSRF token.

relates to

CONFCLOUD-47215 Answers is vulnerable to BREACH (SSL/HTTP gzip) attack

Closed

Assignee:: Dennis Kromhout van der Meer (Inactive)

Reporter:: Dougall Johnson

Affected customers:: 0 This affects my team

Watchers:: 2 Start watching this issue

Created:: 12/May/2014 1:35 AM

Updated:: 11/Oct/2018 8:37 AM

Resolved:: 12/May/2014 10:51 PM