Multiple vulnerabilities in Atlassian Products



Published: 2022-07-29 | Updated: 2022-08-17
Risk Medium
Patch available YES
Number of vulnerabilities 3
CVE-ID CVE-2022-26136
CVE-2022-26137
CVE-2022-26133
CWE-ID CWE-79
CWE-345
CWE-502
Exploitation vector Network
Public exploit Public exploit code for vulnerability #3 is available.
Vulnerable software
Subscribe
Bamboo Server and Data Center
Server applications / Other server solutions

Bitbucket Data Center
Server applications / Other server solutions

Confluence Server and Data Center
Server applications / Other server solutions

Crowd Server and Data Center
Server applications / Other server solutions

Jira Server and Data Center
Server applications / Other server solutions

Jira Service Management Server and Data Center
Server applications / Other server solutions

Atlassian Crucible
Client/Desktop applications / Office applications

Atlassian Fisheye
Client/Desktop applications / Office applications

Vendor Atlassian

Security Bulletin

This security bulletin contains information about 3 vulnerabilities.

1) Cross-site scripting

EUVDB-ID: #VU65891

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-26136

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: No

Description

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data in the Servlet Filter. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Bamboo Server and Data Center: 7.2.0 - 8.2.3

Bitbucket Data Center: 8.1.0, 8.0.0, 7.20.0 - 7.20.1, 7.19.0 - 7.19.4, 7.17.0 - 7.17.7, 7.6.0 - 7.6.15

Confluence Server and Data Center: 7.4.0 - 7.18.0

Crowd Server and Data Center: 4.3.0 - 5.0.0

Jira Server and Data Center: 8.13.0 - 8.22.3

Jira Service Management Server and Data Center: 4.13.0 - 4.22.5

Atlassian Crucible: 4.8.0 - 4.8.9

Atlassian Fisheye: 4.8.0 - 4.8.9


CPE2.3 External links

http://jira.atlassian.com/browse/CWD-5815
http://jira.atlassian.com/browse/FE-7410
http://jira.atlassian.com/browse/JRASERVER-73897
http://jira.atlassian.com/browse/BAM-21795
http://jira.atlassian.com/browse/JSDSERVER-11863
http://jira.atlassian.com/browse/CONFSERVER-79476
http://jira.atlassian.com/browse/CRUC-8541
http://jira.atlassian.com/browse/BSERV-13370

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

2) Insufficient verification of data authenticity

EUVDB-ID: #VU65892

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-26137

CWE-ID: CWE-345 - Insufficient Verification of Data Authenticity

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to origin validation error when processing HTTP requests, related to cross-origin sharing (CORS) in the Servlet Filter. A remote attacker can trick the victim to follow a specially crafted link and access the vulnerable application with the victim’s permissions.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Bamboo Server and Data Center: 7.2.0 - 8.2.3

Bitbucket Data Center: 8.1.0, 8.0.0, 7.20.0 - 7.20.1, 7.19.0 - 7.19.4, 7.17.0 - 7.17.7, 7.6.0 - 7.6.15

Confluence Server and Data Center: 7.4.0 - 7.18.0

Crowd Server and Data Center: 4.3.0 - 5.0.0

Jira Server and Data Center: 8.13.0 - 8.22.3

Jira Service Management Server and Data Center: 4.13.0 - 4.22.5

Atlassian Crucible: 4.8.0 - 4.8.9

Atlassian Fisheye: 4.8.0 - 4.8.9


CPE2.3 External links

http://jira.atlassian.com/browse/CWD-5815
http://jira.atlassian.com/browse/FE-7410
http://jira.atlassian.com/browse/JRASERVER-73897
http://jira.atlassian.com/browse/BAM-21795
http://jira.atlassian.com/browse/JSDSERVER-11863
http://jira.atlassian.com/browse/CONFSERVER-79476
http://jira.atlassian.com/browse/CRUC-8541
http://jira.atlassian.com/browse/BSERV-13370

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

3) Deserialization of Untrusted Data

EUVDB-ID: #VU66555

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-26133

CWE-ID: CWE-502 - Deserialization of Untrusted Data

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to insecure input validation when processing serialized data within the SharedSecretClusterAuthenticator. A remote non-authenticated attacker can send specially crafted data to the application and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Bitbucket Data Center: 7.20.0 - 7.20.1, 7.19.0 - 7.19.3, 7.18.0 - 7.18.3, 7.17.0 - 7.17.5, 7.6.0 - 7.6.13

Confluence Server and Data Center: 7.4.0 - 7.18.0


CPE2.3 External links

http://jira.atlassian.com/browse/BSERV-13173
http://confluence.atlassian.com/security/multiple-products-security-advisory-hazelcast-vulnerable-to-remote-code-execution-cve-2016-10750-1116292387.html

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###