Confluence セキュリティ勧告 - 2008-03-19

Confluence のセキュリティの概要とアドバイザリ

このページの内容

お困りですか?

アトラシアン コミュニティをご利用ください。

コミュニティに質問

In this advisory:

XSS Vulnerabilities in Various Confluence Actions

深刻度

Atlassian rates these vulnerabilities as high, according to the scale published in Confluence Security. The scale allows us to rank a vulnerability as critical, high, moderate or low.

Risk Assessment

We have identified and fixed a number of security flaws which may affect Confluence instances in a public environment. The flaws are all XSS (cross-site scripting) vulnerabilities in various Confluence actions. Each vulnerability potentially allows a malicious user (hacker) to embed their own JavaScript into a Confluence page.

  • ハッカーはこの欠陥を利用して他のユーザーのセッション クッキーやその他の資格情報を盗み、その資格情報をハッカー自身の Web サーバーに送り返す可能性があります。
  • The hacker's text and script might be displayed to other people viewing the Confluence page. This is potentially damaging to your company's reputation.

以下で説明する脆弱性を修正するには、以下のいずれかのステップを実行することをお勧めします。

  • Confluence 2.7.3 にアップグレードします。
  • Download and install the patches for Confluence 2.6.x from our JIRA site — refer to the list of issues below.

You can read more about XSS attacks at cgisecurity, CERT and other places on the web.

Risk Mitigation

If you judge it necessary, you can disable public access (e.g. anonymous access and public signup) to your wiki until you have applied the necessary patch or upgrade. For even tighter control, you could restrict access to trusted groups only.

Vulnerability

A hacker can inject their own JavaScript into the Confluence actions listed in the table below. Each of the actions is invoked when a user performs a specific function in Confluence, such as clicking a link or a button. The actions can also be invoked by simply entering the URL into the browser address bar.

For more details please refer to the related JIRA issue, also shown in the table below.

Confluence アクション

影響する Confluence バージョン

詳細情報

報告者
(アトラシアンでない場合)

ページまたはニュース アイテムを作成、編集、またはコピーする

From 2.2 to 2.7.2 inclusive

CONF-11027

 

コメントの追加

From 2.2 to 2.7.2 inclusive

CONF-11027

 

スペース作成

From 2.2 to 2.7.2 inclusive

CONF-11042

Wyatt Crossin

アカウントへの登録方法

From 2.2 to 2.7.2 inclusive

CONF-11005

 

Choose a page (page picker)

From 2.2 to 2.7.2 inclusive

CONF-11137

 

View a user

From 2.2 to 2.7.2 inclusive

CONF-11002

 

Insert an image or link

From 2.2 to 2.7.2 inclusive

CONF-11141

 

Choose a user or group (user picker and group picker)

From 2.2 to 2.7.2 inclusive

CONF-11040

Jean Marois

Add a user to favourites

From 2.0 to 2.7.2 inclusive

CONF-11026

 

HTTP 500 error page

From 1.3 to 2.7.2 inclusive

CONF-11019

 

Add bookmark

All Confluence instances that have the Social Bookmarking plugin.
Note that the plugin is bundled with Confluence since version 2.6, so Confluence 2.6.x and 2.7.x are vulnerable even if you don't use social bookmarking.
Patches are supplied for Confluence 2.6.x and 2.7.x.

CONF-11153

 

修正

これらの問題は Confluence 2.7.3 で修正されていますダウンロード センターからダウンロードできる「リリース ノート」をご参照ください。

Patches are available for Confluence 2.6.x. For more information, please refer to the specific JIRA issues shown in the table of vulnerabilities above.

Our thanks to the people who reported some of the vulnerabilities listed above. We fully support the reporting of vulnerabilities and we appreciate their working with us towards identifying and solving the problem.

最終更新日 2013 年 9 月 13 日

この内容はお役に立ちましたか?

はい
いいえ
この記事についてのフィードバックを送信する
Powered by Confluence and Scroll Viewport.