Remote code execution vulnerability in Scroll Viewport 2019-06-17
Description
Summary
This advisory discloses a security issue of critical severity affecting Scroll Viewport and provides a step-by-step guide to help you rectify the issue.
If you have any version prior to Scroll Viewport 2.12.2 installed on your Confluence instances you may be affected by this issue. After updating to version 2.12.2, your instance is no longer affected by this security issue.
Severity
K15t Software rates the severity level of this issue as critical, as a remote attacker is able to execute code on your system.
This is our baseline assessment – it's best if you evaluate its applicability to your own IT environment.
Detailed description
Scroll Viewport is affected by a remote code execution vulnerability that enables attackers to execute arbitrary code on your system. This can be used for example, but is not limited to:
Elevation of user privileges
Installation of additional malicious apps
Access to and modification of Confluence content without further permission checks
Any authenticated Confluence user who is able to edit custom Scroll Viewport themes is able to exploit this bug. By default this ability is limited to Confluence space administrators, however, ordinary users are considered administrators in their personal space - if that Confluence feature is enabled - and can still exploit this bug.
Partial mitigation
Using an advanced plugin setting for Scroll Viewport, Confluence administrators can restrict the capability to edit viewport themes to certain Confluence groups. To do so:
Go to Confluence administration -> Scroll Runtime -> Advanced Plugin Settings.
Select Scroll Viewport from the dropdown box.
Edit the restrictThemeEditingToGroups so it contains only trusted user groups.
Steps we've taken to fix this issue
We have taken the following steps to address this issue:
Released Scroll Viewport 2.12.2 update on Atlassian Marketplace
Informed all app customers and evaluators who might have been affected
What you need to do to solve this issue on your instance
A Confluence administrator needs to upgrade Scroll Viewport to version 2.12.2 or later.
We are here to support you
We apologize deeply for any inconvenience this issue has caused you. If you would like assistance in correcting it, then we are here to help.
In case you have any questions or want to get support in fixing the issue on your system please let us know at support@k15t.com. We are happy to schedule a 1:1 screen-sharing session to help you resolve the issue should you so desire.
Summary
This advisory discloses a security issue of critical severity affecting Scroll Viewport and provides a step-by-step guide to help you rectify the issue.
If you have any version prior to Scroll Viewport 2.12.2 installed on your Confluence instances you may be affected by this issue. After updating to version 2.12.2, your instance is no longer affected by this security issue.
Severity
K15t Software rates the severity level of this issue as critical, as a remote attacker is able to execute code on your system.
This is our baseline assessment – it's best if you evaluate its applicability to your own IT environment.
Detailed description
Scroll Viewport is affected by a remote code execution vulnerability that enables attackers to execute arbitrary code on your system. This can be used for example, but is not limited to:
Elevation of user privileges
Installation of additional malicious apps
Access to and modification of Confluence content without further permission checks
Any authenticated Confluence user who is able to edit custom Scroll Viewport themes is able to exploit this bug.
By default this ability is limited to Confluence space administrators, however, ordinary users are considered administrators in their personal space - if that Confluence feature is enabled - and can still exploit this bug.
Partial mitigation
Using an advanced plugin setting for Scroll Viewport, Confluence administrators can restrict the capability to edit viewport themes to certain Confluence groups. To do so:
Go to Confluence administration -> Scroll Runtime -> Advanced Plugin Settings.
Select Scroll Viewport from the dropdown box.
Edit the restrictThemeEditingToGroups so it contains only trusted user groups.
Steps we've taken to fix this issue
We have taken the following steps to address this issue:
Released Scroll Viewport 2.12.2 update on Atlassian Marketplace
Informed all app customers and evaluators who might have been affected
What you need to do to solve this issue on your instance
A Confluence administrator needs to upgrade Scroll Viewport to version 2.12.2 or later.
We are here to support you
We apologize deeply for any inconvenience this issue has caused you. If you would like assistance in correcting it, then we are here to help.
In case you have any questions or want to get support in fixing the issue on your system please let us know at support@k15t.com. We are happy to schedule a 1:1 screen-sharing session to help you resolve the issue should you so desire.