Spoofing attack in Atlassian Confluence
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2018-13389 |
| CWE-ID | CWE-451 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Atlassian Confluence Server Server applications / Web servers |
| Vendor | Atlassian |
Security Bulletin
This security bulletin contains one low risk vulnerability.
1) Spoofing attack
EUVDB-ID: #VU14023
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-13389
CWE-ID:
CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing)
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to conduct spoofing attack.
The weakness exists in the attachment due to an error when handling malicious input. A remote attacker can supply specially crafted attachments that have a content-type of application/rdf+xml, spoof web content in the Mozilla Firefox Browser.
Update to version 6.6.1, 6.7.0.
Vulnerable software versionsAtlassian Confluence Server: 6.4.3
CPE2.3 External linkshttp://jira.atlassian.com/browse/CONFSERVER-54906
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
