Disclosure of technical information in exporter support tools

Description

Summary

This advisory discloses a security issue of medium severity affecting several Scroll Exporter apps, and provides a step-by-step guide to help you rectify the issue.

You may be affected if you have one of these apps installed:

  • Scroll CHM Exporter, version 3.9.15 or earlier

  • Scroll DocBook Exporter, version 3.9.15 or earlier

  • Scroll EclipseHelp Exporter, version 3.9.15 or earlier

  • Scroll EPUB Exporter, version 3.9.15 or earlier

  • Scroll HTML Exporter, version 3.9.15 or earlier

After updating these apps to the following versions or later, your instance is no longer affected by this security issue.

  • Scroll CHM Exporter, version 3.9.16 or later

  • Scroll DocBook Exporter, version 3.9.16 or later

  • Scroll EclipseHelp Exporter, version 3.9.16 or later

  • Scroll EPUB Exporter, version 3.9.16 or later

  • Scroll HTML Exporter, version 3.9.16 or later

Severity

K15t rates the severity level of this issue as medium, because some technical information can be disclosed to any logged-in user or even anonymous users if public access is enabled.

We've rated this bug with a CVSS score of 4.3 (Medium).

This is our baseline assessment – it's best if you evaluate its applicability to your own IT environment.

Detailed description

Due to insufficient permission checks in a support tools user interface included in the Scroll Exporter apps, any Confluence user could access the following technical information. This also includes anonymous users if your Confluence instance is configured to allow anonymous access (public access).

  • Server details such as operating system name or Java version

  • Confluence site details such as Server ID and license type & size

  • Scroll Exporter license details

[Screenshot: Example of disclosed data]

In addition, the disclosed information also contains information about each installed app:

[Screenshot: Example of disclosed data]

Please note that no user-created data (pages, spaces, comments, user details, etc.) could be disclosed through this user interface.

This vulnerability has been identified internally and we are not aware of any active exploits.

Steps we've taken to fix this issue

We have taken the following steps to address this issue:

  • Released updates for all Scroll Exporter apps on the Atlassian Marketplace

What you need to do to solve this issue on your instance

  • A Confluence administrator needs to upgrade any affected Scroll Exporter apps to a fixed version (3.9.16) or later.
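As an added example (not K15t's code), the following script lets an administrator check which of the five affected apps are still installed below the fixed version. It reads the installed-plugin list that Confluence's Universal Plugin Manager serves at /rest/plugins/1.0/ (the URL, the top-level "plugins" list and the "name"/"key"/"version" fields are the UPM response shape as understood here; the endpoint requires an administrator account). Matching on the app's display name by substring is an assumption, since UPM names may carry a suffix such as "for Confluence". The sample list at the bottom is constructed for offline use, and its plugin keys are placeholders.

```python
import base64
import json
import re
import sys
import urllib.request

# Fixed version and affected app names as given in the advisory.
FIXED_VERSION = "3.9.16"
AFFECTED_APPS = (
    "Scroll CHM Exporter",
    "Scroll DocBook Exporter",
    "Scroll EclipseHelp Exporter",
    "Scroll EPUB Exporter",
    "Scroll HTML Exporter",
)


def parse_version(version):
    """Turn '3.9.15' (or '3.9.15-something') into a comparable tuple of ints.
    Tuple comparison makes 3.10.0 sort after 3.9.16; a plain string
    comparison would get that wrong."""
    match = re.match(r"(\d+(?:\.\d+)*)", version.strip())
    if not match:
        raise ValueError(f"unparseable version: {version!r}")
    return tuple(int(part) for part in match.group(1).split("."))


def matching_app(plugin_name):
    """Return the advisory's app name contained in the UPM display name, or None.
    Substring matching is an assumption (display names may have a suffix)."""
    lowered = plugin_name.lower()
    for app in AFFECTED_APPS:
        if app.lower() in lowered:
            return app
    return None


def audit(plugins):
    """Return [(advisory app name, installed version)] for every installed
    Scroll Exporter app from the advisory that is still below FIXED_VERSION."""
    findings = []
    for plugin in plugins:
        app = matching_app(plugin.get("name", ""))
        if app is None:
            continue
        if parse_version(plugin.get("version", "0")) < parse_version(FIXED_VERSION):
            findings.append((app, plugin["version"]))
    return findings


def fetch_plugins(base_url, username, password):
    """Fetch the installed-plugin list from UPM with an administrator account."""
    token = base64.b64encode(f"{username}:{password}".encode()).decode()
    request = urllib.request.Request(
        base_url.rstrip("/") + "/rest/plugins/1.0/",
        headers={"Authorization": "Basic " + token, "Accept": "application/json"},
    )
    with urllib.request.urlopen(request, timeout=30) as response:
        return json.load(response)["plugins"]


# Constructed sample in the shape of a UPM response; the keys are placeholders.
SAMPLE_PLUGINS = [
    {"key": "placeholder.scroll-html", "name": "Scroll HTML Exporter", "version": "3.9.15"},
    {"key": "placeholder.scroll-epub", "name": "Scroll EPUB Exporter for Confluence", "version": "3.8.2"},
    {"key": "placeholder.scroll-chm", "name": "Scroll CHM Exporter", "version": "3.9.16"},
    {"key": "placeholder.scroll-docbook", "name": "Scroll DocBook Exporter", "version": "3.10.0"},
    {"key": "placeholder.other", "name": "Some Unrelated App", "version": "1.0.0"},
]


if __name__ == "__main__":
    if len(sys.argv) == 4:
        # usage: python audit.py https://confluence.example.com admin-user password
        plugins = fetch_plugins(*sys.argv[1:4])
    else:
        plugins = SAMPLE_PLUGINS
    for app, version in audit(plugins):
        print(f"AFFECTED: {app} {version} (upgrade to {FIXED_VERSION} or later)")
```

Run without arguments it audits the constructed sample and reports the HTML and EPUB entries; with a base URL, administrator user name and password it audits the live instance instead.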

We are here to support you

We apologize deeply for any inconvenience this issue has caused you. If you would like assistance in correcting it, then we are here to help.

In case you have any questions or want support in fixing the issue on your system, please let us know at help@k15t.com. We are happy to schedule a 1:1 screen-sharing session to help you resolve the issue, should you so desire.

Environment: None

Fixed

Assignee: Unassigned

Reporter: Sync User [K15t]

Deployment: Server