SB2019032908 - Multiple vulnerabilities in Atlassian Crowd

Description

This security bulletin contains information about 2 secuirty vulnerabilities.

1) Open redirect (CVE-ID: CVE-2017-18109)

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

The login resource of CrowdId in Atlassian Crowd before version 3.0.2 and from version 3.1.0 before version 3.1.1 allows remote attackers to redirect users to a different website which they may use as part of performing a phishing attack via an open redirect.

2) XML External Entity injection (CVE-ID: CVE-2017-18110)

The vulnerability allows a remote authenticated user to gain access to sensitive information.

The administration backup restore resource in Atlassian Crowd before version 3.0.2 and from version 3.1.0 before version 3.1.1 allows remote attackers to read files from the filesystem via a XXE vulnerability.

Remediation

Install update from vendor's website.

References

• https://jira.atlassian.com/browse/CWD-5071
• https://jira.atlassian.com/browse/CWD-5070