Are you exposed to Confluence security vulnerabilities?

There was news for Atlassian users in March and April 2019, as the released details of not one but two security vulnerabilities affecting Atlassian Confluence products. The security vulnerability was labelled as being of 'critical severity'.

The team at GLiNTECH understands Confluence users need clarification, so we've collated answers to a few frequently asked questions, and so we have provided the answers our customers need. Take a look below to find out more, and please be in touch if you have any questions or concerns.

At Risk Confluence Customers

Customers running the following versions of Confluence Server or Confluence Data Centre should be alerted.

• Any version marked as 1.x.x, 2.x.x, 3.x.x, 4.x.x or 5.x.x  
• Any version marked as 6.0.x, 6.1.x, 6.2.x, 6.3.x, 6.4.x, or 6.5.x
• Any version marked as 6.6.x up to and including 6.6.11
• Any version marked as 6.7.x, 6.8.x, 6.9.x, 6.10.x or 6.11.x 
• Any version marked as 6.12.x up to and including 6.12.2
• Any version marked as 6.13.x up to and including 6.13.2
• Any version marked as 6.14.x up to and including 6.14.1

All affected users are advised to upgrade their software without delay. The Safe Users section below provides more information about which software version to upgrade to. But if you have any doubts, please reach out.

Safe Users

All customers who have upgraded their solution to Confluence Data Centre or Confluence Server versions 6.6.12, 6.12.3, 6.13.3, 6.14.2 or higher are not at risk. These users remain unaffected by the vulnerabilities announced by Atlassian. 

All Confluence Cloud instances are unaffected and not at risk.

What Exactly is the Problem?

On March 20, 2019, Atlassian informed users of two vulnerabilities in their Confluence products. The first was the WebDAV vulnerability, which permitted a remote attacker to potentially exploit a Server Side Request Forgery (SSRF) weakness in the WebDAV plugin.

The second vulnerability was described as a server-side template injection in the Widget Connector, which would have allowed an attacker to perform remote code execution in the event of a breach.

On April 17, 2019, Atlassian released a third vulnerability warning. This time it was announced that any attacker who achieved permission to add attachments to pages or blogs, or to create a new space, could potentially exploit a path traversal vulnerability to perform remote code execution.

All of these vulnerabilities were listed as Critical Severity -- the highest severity level on Atlassian's scale.

What Now?

Immediate upgrades are the only way to make sure that your Confluence version is safe.

GLiNTECH can guide you through this process. Our team of Atlassian Consultants provide expert-level support for all of your Atlassian products.. Get in touch with the team today, and let's make sure that you stay safe and secure.