• 10
    • Critical
    • CVE-2016-10750

      Summary
      A remote attacker who can connect to the Hazelcast service, running on port 5801 (and potentially 5701), is able to execute arbitrary code on all the nodes in a Confluence Data Center through Java deserialization.

      Vulnerability Details
      Confluence Data Center uses the third-party software Hazelcast, which is vulnerable to Java deserialization attacks (CVE-2016-10750). Hazelcast provides functionality needed to run Confluence Data Center as a cluster. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted JoinRequest, resulting in arbitrary code execution.

      The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1.
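The affected ranges listed above can be checked against a cluster inventory. This is an added example, not Atlassian's code; the node names and versions in `SAMPLE` are constructed. A `not-listed` result means only that the text above does not name that version.

```python
import re

# (first affected, first fixed) pairs copied from the advisory text above.
AFFECTED_RANGES = [
    ("1.3.0", "7.4.17"), ("7.13.0", "7.13.7"), ("7.14.0", "7.14.3"),
    ("7.15.0", "7.15.2"), ("7.16.0", "7.16.4"), ("7.17.0", "7.17.4"),
    ("7.18.0", "7.18.1"),
]

def parse_version(text):
    """Turn '7.13.5' or '7.13' into (7, 13, 5) / (7, 13, 0); reject anything else.

    Comparing numeric tuples avoids the string-comparison trap where
    '7.4.17' sorts after '7.13.0'.
    """
    m = re.fullmatch(r"(\d+)\.(\d+)(?:\.(\d+))?", text.strip())
    if not m:
        raise ValueError(f"unrecognised version: {text!r}")
    return tuple(int(g or 0) for g in m.groups())

def triage(version):
    """Return ('affected', first_fixed_version) or ('not-listed', None)."""
    v = parse_version(version)
    for first, fixed in AFFECTED_RANGES:
        if parse_version(first) <= v < parse_version(fixed):
            return ("affected", fixed)
    return ("not-listed", None)

def triage_inventory(inventory):
    """Map node name -> triage result; unparsable versions are flagged, not skipped."""
    report = {}
    for node, version in inventory.items():
        try:
            report[node] = triage(version)
        except ValueError:
            report[node] = ("unparsed", None)
    return report

# Constructed sample inventory (hypothetical node names and versions).
SAMPLE = {"dc-node-1": "7.13.6", "dc-node-2": "7.13.7", "dc-node-3": "7.4.9",
          "dc-node-4": "7.10.2", "dc-node-5": "7.18", "dc-node-6": "7.13.5-m01"}

if __name__ == "__main__":
    for node, (status, fixed) in triage_inventory(SAMPLE).items():
        print(node, status, fixed or "")
```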

            [CONFSERVER-79017] RCE in Confluence DataCenter via HazelCast(Confluence) Port

            Armand Gino T. Agapito added a comment: Is there any workaround for this without upgrading Confluence?

            Siddhant Rath (Inactive) added a comment (edited): A fix for this issue is available in Confluence Server and Data Center 7.13.7. Upgrade now or check out the release notes (https://confluence.atlassian.com/doc/confluence-release-notes-327.html) to see what other issues are resolved.

            Siddhant Rath (Inactive) added a comment (edited):

            This is an independent assessment and you should evaluate its applicability to your own IT environment.

            CVSS v3 score: 10.0 => Critical severity

            Exploitability Metrics

            Attack Vector: Network
            Attack Complexity: Low
            Privileges Required: None
            User Interaction: None

            Scope Metric

            Scope: Changed

            Impact Metrics

            Confidentiality: High
            Integrity: High
            Availability: High

              Unassigned Unassigned
              security-metrics-bot Security Metrics Bot