FKIE_CVE-2020-4027

Vulnerability from fkie_nvd - Published: 2020-07-01 02:15 - Updated: 2024-11-21 05:32
Severity ?
4.7 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
Summary
Affected versions of Atlassian Confluence Server and Data Center allowed remote attackers with system administration permissions to bypass velocity template injection mitigations via an injection vulnerability in custom user macros. The affected versions are before version 7.4.5, and from version 7.5.0 before 7.5.1.
References
security@atlassian.comhttps://jira.atlassian.com/browse/CONFSERVER-59898Issue Tracking, Patch, Release Notes, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://jira.atlassian.com/browse/CONFSERVER-59898Issue Tracking, Patch, Release Notes, Vendor Advisory
Impacted products
Vendor Product Version
atlassian confluence *
atlassian confluence_server *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:atlassian:confluence:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BA01DD0-D61B-4307-8829-06BECB697AE8",
              "versionEndExcluding": "7.4.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "32D81366-EB40-4F36-B19B-18DEC20953F1",
              "versionEndExcluding": "7.5.1",
              "versionStartIncluding": "7.5.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Affected versions of Atlassian Confluence Server and Data Center allowed remote attackers with system administration permissions to bypass velocity template injection mitigations via an injection vulnerability in custom user macros. The affected versions are before version 7.4.5, and from version 7.5.0 before 7.5.1."
    },
    {
      "lang": "es",
      "value": "Las versiones afectadas de Atlassian Confluence Server y Data Center permit\u00edan a los atacantes remotos con permisos de administraci\u00f3n del sistema saltarse las mitigaciones de inyecci\u00f3n de plantillas de velocidad a trav\u00e9s de una vulnerabilidad de inyecci\u00f3n en las macros de usuario personalizadas. Las versiones afectadas son anteriores a la versi\u00f3n 7.4.5, y desde la versi\u00f3n 7.5.0 hasta la versi\u00f3n 7.5.1"
    }
  ],
  "id": "CVE-2020-4027",
  "lastModified": "2024-11-21T05:32:10.850",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 4.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 3.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-07-01T02:15:12.350",
  "references": [
    {
      "source": "security@atlassian.com",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://jira.atlassian.com/browse/CONFSERVER-59898"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://jira.atlassian.com/browse/CONFSERVER-59898"
    }
  ],
  "sourceIdentifier": "security@atlassian.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-74"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.