February 17, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Advisory – CVE-2022-43781 – Atlassian Bitbucket Server and Data Center Vulnerability
November 23, 2022Rewterz Threat Alert – APT38 Hidden Cobra aka Lazarus – Active IOCs
November 24, 2022Rewterz Threat Advisory – CVE-2022-43781 – Atlassian Bitbucket Server and Data Center Vulnerability
November 23, 2022Rewterz Threat Alert – APT38 Hidden Cobra aka Lazarus – Active IOCs
November 24, 2022
Severity
High
Analysis Summary
CVE-2022-42977 CVSS:7.5
The Netic User Export add-on before 1.3.5 for Atlassian Confluence has the functionality to generate a list of users in the application, and export it. During export, the HTTP request has a fileName parameter that accepts any file on the system (e.g., an SSH private key) to be downloaded.
CVE-2022-42978 CVSS:7.5
In the Netic User Export add-on before 1.3.5 for Atlassian Confluence, authorization is mishandled. An unauthenticated attacker could access files on the remote system.
Impact
- Information Disclosure
Indicators Of Compromise
CVE
- CVE-2022-42977
- CVE-2022-42978
Affected Vendors
Atlassian
Affected Products
- confluence data center 1.3.4
Remediation
Refer to Gist GitHub for patch, upgrade or suggested workaround information.
Gist GitHub