
Scroll Acrolinx Security Advisories

Christoffer Bromberg (K15t Software) Last update: Nov 8, 2018

Forged HTTP requests can be used by unauthenticated Confluence clients to elevate permissions on the Acrolinx Server (2018-03-19)

Summary: Forged HTTP requests can be used by unauthenticated Confluence clients to elevate permissions on the Acrolinx Server
Advisory release date: 2018-03-19
Products: Scroll Acrolinx Connector
Affected versions: all versions before 3.2.1
Fixed versions: 3.2.1
Jira:

Summary

This advisory discloses a security issue of critical severity affecting Scroll Acrolinx Connector for Confluence, and provides a step-by-step guide to help you rectify the issue.

If Scroll Acrolinx Connector version 3.2.0 or earlier is installed on any of your Confluence instances, that instance is affected by this issue. After updating to version 3.2.1, the instance is no longer affected.

Severity

K15t Software rates the severity level of this issue as critical: an attacker with no account on Confluence and no account on the Acrolinx Server can execute administrative commands on the Acrolinx Server.

This is our baseline assessment – it's best if you evaluate its applicability to your own IT environment.

Detailed description

An attacker who is not authenticated to Confluence can use the proxy embedded in Scroll Acrolinx Connector to send forged HTTP requests to the Acrolinx server in the context of an arbitrary user. The proxy, which loads the Acrolinx sidebar in the Confluence editor, did not correctly check that the caller was authenticated before forwarding requests.

This vulnerability can be used to execute any operation the impersonated user is allowed to perform on the Acrolinx server, including but not limited to:

  • accessing documentation content the user would not normally be able to see in Confluence;
  • performing administrative operations on the Acrolinx server.
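The following is an added illustration of the flaw class described above, written for this page and not taken from K15t's or Acrolinx's code. The advisory does not publish the proxy's endpoint, header names or session handling, so the path "/acrolinx-proxy", the "X-Acrolinx-User" header, the JSESSIONID lookup and the in-memory session table are assumptions chosen to show the pattern: a proxy that neither checks authentication nor derives the forwarded identity server-side, next to a hardened form that does both.

```python
"""Model of an unauthenticated forwarding proxy and its hardened form.

Added example, not K15t or Acrolinx code. Endpoint path, header name, cookie
name and the session table are assumptions; the upstream is a recorder that
stands in for the Acrolinx server, so everything runs offline.
"""
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple


@dataclass
class Request:
    """Inbound HTTP request as seen by the Confluence-side proxy."""
    path: str
    headers: Dict[str, str] = field(default_factory=dict)
    cookies: Dict[str, str] = field(default_factory=dict)


# Constructed stand-in for Confluence's server-side session store.
CONFLUENCE_SESSIONS: Dict[str, str] = {"sess-1234": "alice"}


@dataclass
class FakeAcrolinxServer:
    """Records every forwarded call so a test can see whose identity reached it."""
    calls: List[Tuple[str, str]] = field(default_factory=list)

    def forward(self, as_user: str, path: str) -> Tuple[int, str]:
        self.calls.append((as_user, path))
        return 200, f"{path} executed as {as_user}"


def vulnerable_proxy(req: Request, upstream: FakeAcrolinxServer) -> Tuple[int, str]:
    """Modelled pre-fix behaviour: no authentication check, and the identity
    used upstream comes from a client-supplied header, so an anonymous caller
    can act as any Acrolinx user, including an administrator."""
    as_user = req.headers.get("X-Acrolinx-User", "anonymous")
    return upstream.forward(as_user, req.path)


def confluence_user(req: Request) -> Optional[str]:
    """Resolve the caller from the server-side session, never from headers."""
    return CONFLUENCE_SESSIONS.get(req.cookies.get("JSESSIONID", ""))


def hardened_proxy(req: Request, upstream: FakeAcrolinxServer) -> Tuple[int, str]:
    """Modelled post-fix behaviour: reject unauthenticated callers, and bind
    the upstream identity to the authenticated Confluence user so a spoofed
    X-Acrolinx-User header has no effect."""
    user = confluence_user(req)
    if user is None:
        return 401, "Confluence authentication required"
    return upstream.forward(user, req.path)


if __name__ == "__main__":
    # Forged request: no Confluence session, spoofed identity header.
    forged = Request("/acrolinx-proxy/admin/users", headers={"X-Acrolinx-User": "admin"})
    print(vulnerable_proxy(forged, FakeAcrolinxServer()))  # (200, '... executed as admin')
    print(hardened_proxy(forged, FakeAcrolinxServer()))    # (401, 'Confluence authentication required')
```

The two properties the hardened handler adds are independent and both matter: rejecting anonymous callers closes the unauthenticated path, and ignoring the client-supplied identity stops an authenticated low-privilege Confluence user from escalating on the Acrolinx side.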

Steps we've taken to fix this issue

We have taken the following steps to address this issue:

  • Released the Scroll Acrolinx Connector 3.2.1 update on the Atlassian Marketplace
  • Informed all app customers and evaluators who might have been affected

What you need to do to solve this issue on your instance

Prerequisites

To follow these steps, you must have the Confluence Administrator global permission.

Update the app to version 3.2.1

Navigate to Confluence Administration > Manage add-ons, find Scroll Acrolinx Connector, expand the entry and click Update. Confirm afterwards that the installed version shown there is 3.2.1 or later.
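As an added check that is not part of K15t's instructions, the version can also be verified without the UI by reading the list that Confluence's Universal Plugin Manager returns from GET <base-url>/rest/plugins/1.0/ with administrator credentials. That endpoint and its response shape (a "plugins" array whose entries carry "name" and "version") are assumptions about Confluence, and the JSON below is a constructed sample so the check runs offline; it also generalises the "all versions before 3.2.1" rule to pre-release and short version strings.

```python
"""Report whether an installed Scroll Acrolinx Connector is below 3.2.1.

Added example, not K15t's code. The UPM endpoint and response layout are
assumptions; SAMPLE_UPM_RESPONSE is constructed.
"""
import json
import re
from typing import Optional, Tuple

APP_NAME = "Scroll Acrolinx Connector"
FIXED_VERSION = "3.2.1"

# Constructed sample of what GET /rest/plugins/1.0/ is assumed to return.
SAMPLE_UPM_RESPONSE = json.dumps({
    "plugins": [
        {"name": "Some Other App", "version": "1.0.0", "enabled": True},
        {"name": APP_NAME, "version": "3.2.0", "enabled": True},
    ]
})


def version_key(version: str) -> Tuple[int, ...]:
    """Sortable key for a dotted version.

    Numeric segments are padded to four places so "3.2" == "3.2.0.0", and a
    trailing suffix such as "-beta" is treated as a pre-release that orders
    before the plain release, so "3.2.1-beta" still counts as affected.
    """
    text = version.strip()
    m = re.match(r"(\d+(?:\.\d+)*)", text)
    if not m:
        raise ValueError(f"unparseable version: {version!r}")
    nums = [int(x) for x in m.group(1).split(".")]
    nums += [0] * (4 - len(nums))
    release_flag = 0 if m.end() == len(text) else -1
    return tuple(nums) + (release_flag,)


def is_affected(version: str) -> bool:
    """True for every version before the fixed release."""
    return version_key(version) < version_key(FIXED_VERSION)


def installed_version(upm_json: str) -> Optional[str]:
    """Find the app by display name in a UPM plugin list; None if absent."""
    for plugin in json.loads(upm_json).get("plugins", []):
        if plugin.get("name") == APP_NAME:
            return plugin.get("version")
    return None


def check(upm_json: str) -> str:
    """One-line verdict for an instance's plugin list."""
    version = installed_version(upm_json)
    if version is None:
        return f"{APP_NAME} is not installed"
    if is_affected(version):
        return f"{APP_NAME} {version}: AFFECTED, update to {FIXED_VERSION}"
    return f"{APP_NAME} {version}: fixed"


if __name__ == "__main__":
    print(check(SAMPLE_UPM_RESPONSE))
```

Against a live instance, fetch the plugin list with an administrator account (for example `curl -u <admin> <base-url>/rest/plugins/1.0/`) and pass the response body to `check()`; run it once per Confluence instance, since each instance carries its own copy of the app.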

We are here to support you

We apologize deeply for any inconvenience this issue has caused you. If you would like assistance in correcting it, then we are here to help.

In case you have any questions or want to get support in fixing the issue on your system please let us know at support@k15t.com. We are happy to schedule a 1:1 screensharing session to help you resolve the issue should you so desire.
