Details
-
Bug
-
Resolution: Fixed
-
Medium
-
5.9.12, 6.0.7, 6.1.1, 6.1.2
-
Severity 2 - Major
-
Description
The version of the bundled Atlassian OAuth plugin was vulnerable to Server Side Request Forgery (SSRF). This allowed a XSS and or a SSRF attack to be performed. More information about the Atlassian OAuth plugin issue see https://ecosystem.atlassian.net/browse/OAUTH-344 . When running in an environment like Amazon EC2, this flaw can used to access to a metadata resource that provides access credentials and other potentially confidential information.
Workaround for Confluence - In case you can't upgrade yet to 6.1.3:
- Shutdown Confluence.
- Go to <Confluence-Installation-Directory>/confluence/WEB-INF/atlassian-bundled-plugins and find the atlassian-oauth-service-provider-plugin-2.0.2.jar file.
- Delete it.
- Download below file, which is the atlassian-oauth-service-provider-plugin-2.0.4.jar file for Confluence:
atlassian-oauth-service-provider-plugin-2.0.4.jar - Paste it inside <Confluence-Installation-Directory>/confluence/WEB-INF/atlassian-bundled-plugins folder.
- Clear plugin cache.
- Bring Confluence back online.
Attachments
Issue Links
- relates to
-
OAUTH-344 Loading...