Low Summary
A remote attacker who can connect to the Hazelcast service, running on port 5801 (and potentially 5701), is able to execute arbitrary code on all the nodes in a Confluence Data Center through Java deserialization.
Vulnerability Details
Confluence Data Center uses the third-party software Hazelcast, which is vulnerable to Java deserialization attacks (CVE-2016-10750). Hazelcast provides functionality needed to run Confluence Data Center as a cluster. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted JoinRequest, resulting in arbitrary code execution.
The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1.
RCE in Confluence DataCenter via HazelCast(Confluence) Port
Summary
A remote attacker who can connect to the Hazelcast service, running on port 5801 (and potentially 5701), is able to execute arbitrary code on all the nodes in a Confluence Data Center through Java deserialization.
Vulnerability Details
Confluence Data Center uses the third-party software Hazelcast, which is vulnerable to Java deserialization attacks (CVE-2016-10750). Hazelcast provides functionality needed to run Confluence Data Center as a cluster. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted JoinRequest, resulting in arbitrary code execution.
The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1.
-
Unassigned
-
Security Metrics Bot
- Votes:
-
0 Vote for this issue
- Watchers:
-
2 Start watching this issue
- Created:
- Updated:
- Resolved: