Detections
Analytics
Atlassian Confluence 1.0.1 < 7.19.23 / 7.20.x < 8.5.9 / 8.6.x < 8.9.1 (CONFSERVER-95943)
high Nessus Plugin ID 201108
Language:
Synopsis
The remote Atlassian Confluence host is missing a security update.Description
The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-95943 advisory.- Applications that use UriComponentsBuilder in Spring Framework to parse an externally provided URL (e.g.
through a query parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/601.html attack or to a SSRF attack if the URL is used after passing validation checks. This is the same as CVE-2024-22243 https://spring.io/security/cve-2024-22243 , but with different input. (CVE-2024-22259)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Upgrade to Atlassian Confluence version 7.19.23, 8.5.9, 8.9.1 or later.See Also
Plugin Details
Severity: High
ID: 201108
File Name: confluence_confserver-95943.nasl
Version: 1.4
Type: combined
Agent: windows, macosx, unix
Family: CGI abuses
Published: 6/27/2024
Updated: 8/23/2024
Configuration: Enable thorough checks
Supported Sensors: Nessus Agent, Nessus
Enable CGI Scanning: true
Risk Information
VPR
Risk Factor: Medium
Score: 5.2
CVSS v2
Risk Factor: High
Base Score: 9.4
Temporal Score: 7
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:N
CVSS Score Source: CVE-2024-22259
CVSS v3
Risk Factor: High
Base Score: 8.1
Temporal Score: 7.1
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: cpe:/a:atlassian:confluence
Required KB Items: installed_sw/Atlassian Confluence
Exploit Ease: No known exploits are available
Patch Publication Date: 6/7/2024
Vulnerability Publication Date: 3/16/2024
Reference Information
CVE: CVE-2024-22259
IAVA: 2024-A-0366, 2024-A-0449-S