Atlassian Confluence < 5.5.2 XWork Library ClassLoader Manipulation Remote Code Execution

high Nessus Plugin ID 77030

Synopsis

The remote web application is affected by a remote code execution vulnerability.

Description

According to its self-reported version number, the instance of Atlassian Confluence on the remote host is a version prior to 5.5.2.
It is, therefore, affected by a flaw in the XWork library that allows a remote, unauthenticated user to alter the ClassLoader. This could allow an attacker to execute arbitrary Java code on the remote host.

Note that the attacker must be able to access the Confluence web interface, and if anonymous access is enabled, a valid user account is not needed to exploit the vulnerability.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Confluence version 5.5.2 or later, or apply the appropriate vendor patch.

See Also

http://www.nessus.org/u?2e20e0e3

https://jira.atlassian.com/browse/CONF-33515

Plugin Details

Severity: High

ID: 77030

File Name: confluence_5_5_2.nasl

Version: 1.8

Type: remote

Family: CGI abuses

Published: 8/6/2014

Updated: 6/5/2024

Configuration: Enable paranoid mode, Enable thorough checks

Supported Sensors: Nessus

Enable CGI Scanning: true

Vulnerability Information

CPE: cpe:/a:atlassian:confluence

Required KB Items: Settings/ParanoidReport, www/confluence

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Ease: No known exploits are available

Patch Publication Date: 5/21/2014

Vulnerability Publication Date: 5/2/2014

Reference Information

BID: 67620