Remote code execution vulnerability in Scroll Viewport

Description

Summary

This advisory discloses a security issue of critical severity affecting Scroll Viewport and provides a step-by-step guide to help you rectify the issue.

If you have any version prior to Scroll Viewport 2.12.2 installed on your Confluence instances you may be affected by this issue. After updating to version 2.12.2, your instance is no longer affected by this security issue.

Severity

K15t Software rates the severity level of this issue as critical, as a remote attacker is able to execute code on your system.

This is our baseline assessment – it's best if you evaluate its applicability to your own IT environment.

Detailed description

Scroll Viewport is affected by a remote code execution vulnerability that enables attackers to execute arbitrary code on your system. This can be used for example, but is not limited to:

  • Elevation of user privileges

  • Installation of additional malicious apps

  • Access to and modification of Confluence content without further permission checks

Any authenticated Confluence user who is able to edit custom Scroll Viewport themes is able to exploit this bug.
By default this ability is limited to Confluence space administrators, however, ordinary users are considered administrators in their personal space - if that Confluence feature is enabled - and can still exploit this bug.

Partial mitigation

Using an advanced plugin setting for Scroll Viewport, Confluence administrators can restrict the capability to edit viewport themes to certain Confluence groups. To do so:

  1. Go to Confluence administration -> Scroll Runtime -> Advanced Plugin Settings.

  2. Select Scroll Viewport from the dropdown box.

  3. Edit the restrictThemeEditingToGroups so it contains only trusted user groups.

Steps we've taken to fix this issue

We have taken the following steps to address this issue:

  • Released Scroll Viewport 2.12.2 update on Atlassian Marketplace

  • Informed all app customers and evaluators who might have been affected

What you need to do to solve this issue on your instance

A Confluence administrator needs to upgrade Scroll Viewport to version 2.12.2 or later.

We are here to support you

We apologize deeply for any inconvenience this issue has caused you. If you would like assistance in correcting it, then we are here to help.

In case you have any questions or want to get support in fixing the issue on your system please let us know at support@k15t.com. We are happy to schedule a 1:1 screen-sharing session to help you resolve the issue should you so desire.

Environment

None

Status

Assignee

Unassigned

Reporter

Jens Rutschmann (K15t)

Labels

None

Participants

None

Deployment

None

Components

Fix versions

Priority