Confluence セキュリティ勧告 - 2009-06-01

Confluence のセキュリティの概要とアドバイザリ

このページの内容

お困りですか?

アトラシアン コミュニティをご利用ください。

コミュニティに質問

In this advisory:

XSS Vulnerability in Various Confluence Actions and Macros

重大度

Atlassian rates these vulnerabilities as high, according to the scale published in Confluence Security. The scale allows us to rank a vulnerability as critical, high, moderate or low.

Risk Assessment

We have identified and fixed a number of security flaws which may affect Confluence instances in a public environment. These are cross-site scripting (XSS) that affect various Confluence page/blog features and functions.

  • The hacker might take advantage of the flaw to steal other users' session cookies or other credentials, by sending the credentials back to the hacker's own web server.
  • The hacker's text and script might be displayed to other people viewing the Confluence page. This is potentially damaging to your company's reputation.

You can read more about XSS attacks at cgisecurity, CERT and other places on the web.

Risk Mitigation

これらの脆弱性を解決するため、Confluence インストールをパッチまたはアップグレードすることをお勧めします。以下の「修正」セクションを参照してください。

Alternatively, if you are not in a position to undertake this immediately and you judge it necessary, you can disable public access (e.g. anonymous access and public signup) to your wiki until you have applied the necessary patch or upgrade. For even tighter control, you could restrict access to trusted groups.

Vulnerability

A hacker can inject their own JavaScript into various Confluence URLs — see the table below for the affected functional areas. A URL may be invoked when a user performs a specific function in Confluence, such as clicking a link or a button. The URL can also be invoked by simply entering it into the browser address bar. If rogue JavaScript is injected into such a URL, the JavaScript will be executed when a user invokes the URL.

For more details please refer to the related JIRA issue, also shown in the table below.

Affected Confluence Functionality

影響する Confluence バージョン

Fix Availability

More Details

Concurrent page edit message

All versions (1.0 to 2.10.3 inclusive)

2.9.2 and 2.10.3

CONF-15883

Gallery Macro (Confluence Advanced Macros Plugin)

All versions (1.0 to 2.10.3 inclusive)

2.10.3

CONF-15376

View File Macro (Office Connector Plugin)

2.10.0 to 2.10.3 inclusive *

2.10.3

CONF-15402

Instant Messenger Macro

All versions (1.0 to 2.10.3 inclusive)

2.8.2, 2.9.2 and 2.10.3

CONF-15397

投稿者マクロ

2.3 to 2.10.3 inclusive

2.9.2 and 2.10.3

CONF-15399

JIRA 課題マクロ

All versions (1.0 to 2.10.3 inclusive)

2.10.3

CONF-15754

* This vulnerability may be present in earlier Confluence versions with the Office Connector plugin installed.

Fix

These issues have been fixed in Confluence 3.0 (see the release notes), which you can download from the download centre.

If you do not wish to upgrade to Confluence 3.0, you can download and install the patches provided on our JIRA site. You will need to upgrade to the latest point release for the major version of Confluence that you are running (e.g. if you are running Confluence 2.9, you will need to upgrade to version 2.9.2) and then apply the patches. For more information, please refer to the specific JIRA issues shown in the table of vulnerabilities above.

最終更新日 2013 年 9 月 13 日

この内容はお役に立ちましたか?

はい
いいえ
この記事についてのフィードバックを送信する
Powered by Confluence and Scroll Viewport.