Confluence Data Center / CONFSERVER-83218

A user with read permissions to a Confluence page is able to upload attachments - CVE-2023-22504

    • CVSS score: 4.3
    • Severity: Medium
    • CVE ID: CVE-2023-22504

      Affected versions of Atlassian Confluence Server and Data Center allow remote attackers who have read permissions to a page, but not write permissions, to upload attachments via a Broken Access Control vulnerability in the attachments feature.

      The affected versions are before version 7.13.17, from version 7.14.0 before 7.19.9, and from version 7.20.0 before 8.2.2.

      This vulnerability was discovered by Rojan Rijal of the Tinder Security Engineering Team.

      Affected versions:

      • version < 7.13.17
      • 7.14.0 ≤ version < 7.19.9
      • 7.20.0 ≤ version < 8.2.2

      Fixed versions:

      • 7.13.17
      • 7.19.9
      • 8.2.2
      • 8.3.0
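A version check against the ranges above, as an added example rather than Atlassian's own code: it parses a Confluence Server / Data Center version string (the one shown in the instance's admin UI), reports whether it falls inside one of the three affected ranges, and names the fixed version to move to. The affected ranges and fixed versions are copied from the advisory; the version strings in `main()` are a constructed sample inventory. The range logic is generic, so the same two tables can be swapped for any other advisory that publishes ranges in this form.

```python
"""Version check for CVE-2023-22504 (CONFSERVER-83218).

Added example, not Atlassian's own code. The affected ranges and fixed
versions are copied from the advisory; the sample version strings in
main() are constructed for illustration.
"""
from typing import List, Optional, Tuple

Version = Tuple[int, ...]

# (lower bound inclusive, or None for "any"; upper bound exclusive), per the advisory.
AFFECTED_RANGES: List[Tuple[Optional[str], str]] = [
    (None, "7.13.17"),
    ("7.14.0", "7.19.9"),
    ("7.20.0", "8.2.2"),
]

# Versions the advisory lists as containing the fix.
FIXED_VERSIONS: List[str] = ["7.13.17", "7.19.9", "8.2.2", "8.3.0"]


def parse_version(text: str) -> Version:
    """Turn '7.19.8' (optionally with a '-suffix' build tag) into a tuple of ints.

    Comparing tuples element-wise gives the right ordering (7.19.10 > 7.19.9),
    which plain string comparison would get wrong. Missing components are
    padded with zeros so '7.13' compares equal to '7.13.0'.
    """
    core = text.strip().split("-", 1)[0]
    parts = core.split(".")
    if not all(p.isdigit() for p in parts):
        raise ValueError(f"not a numeric dotted version: {text!r}")
    nums = tuple(int(p) for p in parts)
    return nums + (0,) * (3 - len(nums))


def is_affected(version: str) -> bool:
    """True if `version` falls inside any affected range from the advisory."""
    v = parse_version(version)
    for lower, upper in AFFECTED_RANGES:
        above_lower = lower is None or v >= parse_version(lower)
        below_upper = v < parse_version(upper)
        if above_lower and below_upper:
            return True
    return False


def recommended_fix(version: str) -> Optional[str]:
    """Lowest fixed version to upgrade to, or None if `version` is not affected.

    Prefers the fix on the same major.minor line (7.19.3 -> 7.19.9) so a
    maintenance upgrade suffices; otherwise the next fixed version above.
    """
    if not is_affected(version):
        return None
    v = parse_version(version)
    fixes = sorted(parse_version(f) for f in FIXED_VERSIONS)
    same_line = [f for f in fixes if f[:2] == v[:2] and f > v]
    higher = [f for f in fixes if f > v]
    # Every affected version is below 8.2.2, which is itself fixed, so
    # `higher` is never empty here.
    chosen = (same_line or higher)[0]
    return ".".join(str(n) for n in chosen)


def audit(versions: List[str]) -> List[Tuple[str, bool, Optional[str]]]:
    """Run the check over many version strings (e.g. one per instance)."""
    return [(v, is_affected(v), recommended_fix(v)) for v in versions]


if __name__ == "__main__":
    # Constructed sample inventory, not real hosts.
    sample = ["7.13.5", "7.13.17", "7.15.3", "7.19.8", "7.19.9", "8.1.0", "8.2.2", "8.3.0"]
    for ver, vulnerable, fix in audit(sample):
        status = f"AFFECTED, upgrade to {fix}" if vulnerable else "not affected"
        print(f"{ver:>8}  {status}")
```

Versions that sit in the gaps between the published ranges (for example anything from 7.13.17 up to but excluding 7.14.0) are reported as not affected, exactly as the advisory states them; the script adds no ranges of its own.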


            AB made changes -
            Assignee New: AB [ ablack@atlassian.com ]
            AB made changes -
            Description Original: Affected versions of Atlassian Confluence Server allow remote attackers who have read permissions to a page, but not write permissions, to upload attachments via a Broken Access Control vulnerability in the attachments feature. New: Affected versions of Atlassian Confluence Server and Data Center allow remote attackers who have read permissions to a page, but not write permissions, to upload attachments via a Broken Access Control vulnerability in the attachments feature. (Only the product name changed; the version ranges, fixed versions and credit are identical to the current description above.)
            Ryoji Takata (Inactive) made changes -
            Remote Link New: This issue links to "CSP-316627 (Atlassian Support System)" [ 773011 ]
            Security Metrics Bot made changes -
            CVE ID New: CVE-2023-22504
            AB made changes -
            Summary Original: A user with read permissions to a Confluence page is able to upload attachments New: A user with read permissions to a Confluence page is able to upload attachments - CVE-2023-22504
            AB made changes -
            Description Original: Affected versions of Atlassian Confluence Server allow remote attackers who have read permissions to a page, but not write permissions, to upload attachments via a Broken Access Control vulnerability in the attachments feature.

            The affected versions are before version 7.19.9.

            This vulnerability was discovered by Rojan Rijal of the Tinder Security Engineering Team.

            *Affected versions:*
             * version < 7.19.9

            *Fixed versions:*
             * 7.19.9
            New: the same text with the affected versions widened to the three ranges in the current description (version < 7.13.17; 7.14.0 ≤ version < 7.19.9; 7.20.0 ≤ version < 8.2.2) and the fixed versions widened to 7.13.17, 7.19.9, 8.2.2 and 8.3.0; the product was still named as Confluence Server only.
            Richard Atkins made changes -
            Fix Version/s New: 8.2.2 [ 104997 ]
            Richard Atkins made changes -
            Fix Version/s New: 8.3.0 [ 104099 ]
            Fix Version/s New: 7.13.17 [ 104737 ]
            AB made changes -
            Resolution New: Fixed [ 1 ]
            Security Original: Atlassian Staff [ 10750 ]
            Status Original: Draft [ 12872 ] New: Published [ 12873 ]
            Security Metrics Bot made changes -
            Labels Original: advisory advisory-to-release dont-import fixed-versions-not-yet-published fixed-versions-published security 🔢✅ New: advisory advisory-to-release dont-import fixed-versions-published security 🔢✅
