Crowd Data Center: CWD-2950

Crowd leaks the value of the HTTP only 'crowd.token_key' cookie on the crowd/console/500.jsp page

      cert.fr@cassidian.com reported the following vulnerability:
      == Type ==
      Information Disclosure

      == Product ==
      Atlassian Crowd

      == Severity ==
      Medium

      == Description ==
      The crowd.token_key cookie, used as a token to authenticate on all Atlassian applications, is marked as HttpOnly.
      However, the Crowd 500 error page (/crowd/console/500.jsp) displays this cookie's value, breaking the HttpOnly behavior.
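The leak class in the report is easy to catch with a regression check: capture the HttpOnly cookies a response sets, then confirm none of their values appear verbatim in the body of an error page. The following is an added example, not code from the ticket or from Crowd; the cookie name crowd.token_key comes from the report, while the token value, the JSESSIONID cookie, the two sample 500-page bodies and all function names are constructed for illustration.

```python
from http.cookies import SimpleCookie

# Constructed sample: Set-Cookie headers as a login response might send them.
# Only crowd.token_key is flagged HttpOnly; JSESSIONID deliberately is not.
SET_COOKIE_HEADERS = [
    "crowd.token_key=abc123tokenvalue; Path=/; HttpOnly",
    "JSESSIONID=9F3A1C77; Path=/",
]

# Constructed sample error pages. The first echoes the request headers into the
# page (the behaviour the ticket describes); the second only shows a reference id.
LEAKY_500_BODY = """<html><body><h1>500 Internal Server Error</h1>
<pre>Request headers:
Cookie: JSESSIONID=9F3A1C77; crowd.token_key=abc123tokenvalue
User-Agent: Mozilla/5.0</pre></body></html>"""

SAFE_500_BODY = """<html><body><h1>500 Internal Server Error</h1>
<p>Reference id: 7d2e9a (see server logs)</p></body></html>"""


def httponly_cookies(set_cookie_headers):
    """Return {name: value} for every cookie flagged HttpOnly in the given headers."""
    found = {}
    for header in set_cookie_headers:
        jar = SimpleCookie()
        jar.load(header)
        for name, morsel in jar.items():
            if morsel["httponly"]:          # "" when the flag is absent, True when set
                found[name] = morsel.value
    return found


def leaked_cookie_values(body, cookies, min_len=8):
    """Names of cookies whose value appears verbatim in a response body.

    Values shorter than min_len are skipped so that trivial substrings such as
    "1" or "true" do not produce false positives.
    """
    return sorted(
        name for name, value in cookies.items()
        if len(value) >= min_len and value in body
    )


def redact_cookie_values(text, cookies):
    """Mask cookie values before request data is rendered into debug output.

    This is the mitigation side: an error page that must show headers for
    diagnostics should pass them through here first.
    """
    for value in cookies.values():
        if value:
            text = text.replace(value, "[REDACTED]")
    return text


def check_error_page(body, set_cookie_headers):
    """Regression check: list HttpOnly cookies leaked by an error page body."""
    return leaked_cookie_values(body, httponly_cookies(set_cookie_headers))


if __name__ == "__main__":
    protected = httponly_cookies(SET_COOKIE_HEADERS)
    print("HttpOnly cookies:", protected)
    print("leaked by leaky page:", check_error_page(LEAKY_500_BODY, SET_COOKIE_HEADERS))
    print("leaked by safe page: ", check_error_page(SAFE_500_BODY, SET_COOKIE_HEADERS))
    print("leaked after redaction:",
          leaked_cookie_values(redact_cookie_values(LEAKY_500_BODY, protected), protected))
```

In a real test the two bodies would be fetched from a staging instance after a logged-in session, with the Set-Cookie headers taken from the login response; the check deliberately looks only at cookies marked HttpOnly, because those are the ones whose value the browser is supposed to keep away from page content.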


            Richard Atkins made changes -
            Labels Original: infoleak no-advisory-required security New: infoleak information-disclosure no-advisory-required security
            Monique Khairuliana (Inactive) made changes -
            Workflow Original: Simplified Crowd Development Workflow v2 - restricted [ 1509632 ] New: JAC Bug Workflow v3 [ 3364670 ]
            Status Original: Resolved [ 5 ] New: Closed [ 6 ]
            Owen made changes -
            Workflow Original: Simplified Crowd Development Workflow v2 [ 1391801 ] New: Simplified Crowd Development Workflow v2 - restricted [ 1509632 ]
            Owen made changes -
            Workflow Original: Crowd Development Workflow v2 [ 442784 ] New: Simplified Crowd Development Workflow v2 [ 1391801 ]
            joe made changes -
            Link New: This issue causes CWD-3193 [ CWD-3193 ]
            VitalyA made changes -
            Labels Original: infoleak security New: infoleak no-advisory-required security
            Diego Berrueta made changes -
            Security Original: Reporters and Developers [ 10071 ]
            Diego Berrueta made changes -
            Remote Link New: This issue links to "Wiki Page (Extranet)" [ 27816 ]
            Renan Battaglin made changes -
            Remote Link New: This issue links to "Wiki Page (Extranet)" [ 27802 ]
            VitalyA made changes -
            Priority Original: Critical [ 2 ] New: Minor [ 4 ]

              People: akunday (ArvindA), dblack (David Black)
              Affected customers: 0
              Watchers: 6
              Estimated: Not Specified
              Remaining: Not Specified
              Logged: 53m