Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-59898

Velocity Template Injection in Custom user macros - Macros Platform - CVE-2020-4027

XMLWordPrintable

      Affected versions of Atlassian Confluence Server and Data Center allowed remote attackers with system administration permissions to bypass velocity template injection mitigations via an injection vulnerability in custom user macros.

      This issue was discovered and reported by GHSL team member @pwntester (Alvaro Munoz).

      The affected versions are before version 7.4.5, and from version 7.5.0 before 7.5.1.

       

      Affected versions:

      • version < 7.4.5
      • 7.5.0 ≤ version < 7.5.1

      Fixed versions:

      • 7.4.5
      • 7.5.1  

            [CONFSERVER-59898] Velocity Template Injection in Custom user macros - Macros Platform - CVE-2020-4027

            Atlassian Portal added a comment - - edited

            @Ganesh Gautam,

            I assume the fixed versions are:

            • 7.4.5 or higher
            • 7.5.1 or higher

            Could you please confirm and update the CVE?

            Thanks,Steven

            Atlassian Portal added a comment - - edited @Ganesh Gautam, I assume the fixed versions are: 7.4.5 or higher 7.5.1 or higher Could you please confirm and update the CVE? Thanks, Steven

            Kevin Lange added a comment -

            Can someone from Atlassian ensure that the CVE is updated, as it shows that the only fix is in 7.5.1?  I have to explain the outstanding CVE details against our 7.4.6 instance.

            Kevin Lange added a comment - Can someone from Atlassian ensure that the CVE is updated, as it shows that the only fix is in 7.5.1?  I have to explain the outstanding CVE details against our 7.4.6 instance.

            Alex K added a comment -

            If you're running the Confluence 7.4 Enterprise release, a fix for this issue is now available in Confluence 7.4.5, which you can find in the Download Archives.

            Alex K added a comment - If you're running the Confluence 7.4 Enterprise release, a fix for this issue is now available in Confluence 7.4.5, which you can find in the Download Archives .

            Charlie B added a comment -

            Do we have any updates on when this will be fixed in the 7.4.x LTS release?

            Charlie B added a comment - Do we have any updates on when this will be fixed in the 7.4.x LTS release?

            Charlie B added a comment -

            Is this going to be fixed in the the 7.4.x LTS versions? 

            Charlie B added a comment - Is this going to be fixed in the the 7.4.x LTS versions? 

            Ellen Oates added a comment -

            A fix for this issue is available to Server and Data Center customers in Confluence 7.5.1
            Upgrade now or check out the Release Notes to see what other issues are resolved.

            Ellen Oates added a comment - A fix for this issue is available to Server and Data Center customers in Confluence 7.5.1 Upgrade now or check out the Release Notes  to see what other issues are resolved.

              ggautam Ganesh Gautam
              security-metrics-bot Security Metrics Bot
              Affected customers:
              0 This affects my team
              Watchers:
              24 Start watching this issue

                Created:
                Updated:
                Resolved: