Shulou(Shulou.com)06/01 Report--

Author: Badcode@ knows that Chuangyu 404 laboratory

Date: 2019-08-29

English version: https://paper.seebug.org/1026/

Preface

In the afternoon, @ fnmsd sent me a Confluence warning. I looked at the patch and reproduced the loophole. This article records the emergency process of this vulnerability.

Looking at the description, Confluence Server and Data Center have a local file disclosure vulnerability in the page export feature: a remote attacker with "add Page" space privileges can read arbitrary files in the / confluence/WEB-INF/ directory. This directory may contain configuration files for integration with other services and may disclose authentication credentials, such as LDAP authentication credentials or other sensitive information. Like a vulnerability that has been emergency before, you can't jump out of the WEB directory, because the web directory and the data directory of confluence are generally separate, and the user's configuration is generally stored in the data directory, so the harm is limited.

Vulnerability impact 6.1.0

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.