Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-98413

Confluence Data Center for Windows has confluence.cfg.xml file readable by BUILTIN/Users by default

XMLWordPrintable

    • 6.4
    • Medium
    • Bug Bounty
    • matcluck
    • CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
    • PrivEsc (Priviledge Escalation), Security Misconfiguration
    • Confluence Data Center

      Affected versions of Atlassian Confluence Data Center in Windows installations contain a security misconfiguration in which the confluence.cfg.xml file is readable by users in the BUILTIN/Users group by default.

      An attacker with local access to the Windows host with Confluence Data Center installed within the BUILTIN/Users group can read sensitive information within the confluence.cfg.xml configuration file which could lead to local privilege escalation as the Confluence installation user. The CWE ID for this vulnerability is CWE-732: Incorrect Permission Assignment for Critical Resource.

       

      Affected Versions:

      • version < 8.7.1

      Fixed Versions:

      • 7.19.18
      • 8.5.5
      • 8.7.2
      • 8.8.0

            [CONFSERVER-98413] Confluence Data Center for Windows has confluence.cfg.xml file readable by BUILTIN/Users by default

            Green Bone added a comment -

            There seems to be something "off" in the description above:

            Affected Versions:

            • version < 8.7.1

            Fixed Versions:

            • 7.19.18
            • 8.5.5
            • 8.7.2
            • 8.8.0

            8.7.1 can't be a fixed versions (as expressed by < 8.7.1) if the fix is included in 8.7.2

            Green Bone added a comment - There seems to be something "off" in the description above: Affected Versions: version < 8.7.1 Fixed Versions: 7.19.18 8.5.5 8.7.2 8.8.0 8.7.1 can't be a fixed versions (as expressed by < 8.7.1) if the fix is included in 8.7.2
            Ricardo Schieber made changes -
            Remote Link Original: This issue links to "VULN-1104455 (Atlassian Security Jira)" [ 961285 ] New: This issue links to "VULN-1104455 (ASEC/J)" [ 961285 ]
            prodsec-jac-bot made changes -
            Resolution New: Fixed [ 1 ]
            Security Original: Atlassian Staff [ 10750 ]
            Status Original: Draft [ 12872 ] New: Published [ 12873 ]
            Security Metrics Bot made changes -
            Labels Original: advisory advisory-to-release New: advisory advisory-to-release fixed-versions-published
            Jeremy Jorge made changes -
            Remote Link New: This issue links to "VULN-1104455 (Atlassian Security Jira)" [ 961285 ]
            Jeremy Jorge made changes -
            Description Original: There is a security misconfiguration within Confluence Data Center version 8.7.1 for Windows installations in which the confluence.cfg.xml file is readable by users in the BUILTIN/Users group by default.

            A malicious user within the BUILTIN/Users group with local access to the Windows host with Confluence Data Center installed can read sensitive information within the confluence.cfg.xml configuration file which could lead to local privilege escalation as the Confluence installation user. The CWE ID for this vulnerability is CWE-732: Incorrect Permission Assignment for Critical Resource.             		New: Affected versions of Atlassian Confluence Data Center in Windows installations contain a security misconfiguration in which the confluence.cfg.xml file is readable by users in the BUILTIN/Users group by default.

            An attacker with local access to the Windows host with Confluence Data Center installed within the BUILTIN/Users group can read sensitive information within the confluence.cfg.xml configuration file which could lead to local privilege escalation as the Confluence installation user. The CWE ID for this vulnerability is CWE-732: Incorrect Permission Assignment for Critical Resource.

             

            Affected Versions:

            - version < 8.7.1

            Fixed Versions:
             * 7.19.18
             * 8.5.5
             * 8.7.2
             * 8.8.0
            Jeremy Jorge made changes -
            Labels New: advisory advisory-to-release
            Jeremy Jorge made changes -
            Description Original: There is a security misconfiguration within Confluence Data Center version 8.7.1 for Windows installations in which the confluence.cfg.xml file is readable by users in the BUILTIN/Users group by default.

            A malicious user within the BUILTIN/Users group with local access to the Windows host with Confluence Data Center installed can read sensitive information within the confluence.cfg.xml configuration file which could lead to local privilege escalation as the Confluence installation user.             		New: There is a security misconfiguration within Confluence Data Center version 8.7.1 for Windows installations in which the confluence.cfg.xml file is readable by users in the BUILTIN/Users group by default.

            A malicious user within the BUILTIN/Users group with local access to the Windows host with Confluence Data Center installed can read sensitive information within the confluence.cfg.xml configuration file which could lead to local privilege escalation as the Confluence installation user. The CWE ID for this vulnerability is CWE-732: Incorrect Permission Assignment for Critical Resource.
            Jeremy Jorge created issue -

              Unassigned Unassigned
              7310b7a8df2a Jeremy Jorge
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: