Confluence Vulnerability Mitigation Guide (CVE-2021-26084)


TL;DR

Mitigation method (Workaround)

Apply this when an immediate upgrade is not possible and a temporary countermeasure is needed.
Confluence must be stopped and restarted.

1) Stop Confluence

# Assumes Confluence is installed under /opt/atlassian/confluence/
$ su confluence
$ /opt/atlassian/confluence/bin/stop-confluence.sh

2) Apply cve-2021-26084-update.sh

# vi cve-2021-26084-update.sh: edit line 14
INSTALLATION_DIRECTORY=/opt/atlassian/confluence

$ chmod 777 cve-2021-26084-update.sh
$ su confluence
$ ./cve-2021-26084-update.sh # confirm that the last line reads "Update completed!"

chdir '/opt/atlassian/confluence'

File 1: 'confluence/users/user-dark-features.vm':
   a. backing up file.. done
   b. updating file.. done
   c. showing file changes..
70c70
<             #tag( "Component" "label='Enable dark feature:'" "name='featureKey'" "value='$!action.featureKey'" "theme='aui'" "template='text.vm'")
---
>             #tag( "Component" "label='Enable dark feature:'" "name='featureKey'" "value=featureKey" "theme='aui'" "template='text.vm'")
   d. validating file changes.. ok
   e. file updated successfully!

File 2: 'confluence/login.vm':
   a. backing up file.. done
   b. updating file.. done
   c. showing file changes..
147c147
<                         #tag( "Hidden" "name='token'" "value='$!action.token'" )
---
>                         #tag( "Hidden" "name='token'" "value=token" )
   d. validating file changes.. ok
   e. file updated successfully!

File 3: 'confluence/pages/createpage-entervariables.vm':
   a. backing up file.. done
   b. updating file.. done
   c. showing file changes..
24c24
<                 #tag ("Hidden" "name='queryString'" "value='$!queryString'")
---
>                 #tag ("Hidden" "name='queryString'" "value=queryString")
26c26
<                 #tag ("Hidden" "name='linkCreation'" "value='$linkCreation'")
---
>                 #tag ("Hidden" "name='linkCreation'" "value=linkCreation")
   d. validating file changes..ok
   e. file updated successfully!

File 4: 'confluence/template/custom/content-editor.vm':
   a. backing up file.. done
   b. updating file.. done
   c. showing file changes..
64c64
<         #tag ("Hidden" "name='queryString'" "value='$!queryString'")
---
>         #tag ("Hidden" "name='queryString'" "value=queryString")
85c85
<             #tag ("Hidden" "id=sourceTemplateId" "name='sourceTemplateId'" "value='${templateId}'")
---
>             #tag ("Hidden" "id=sourceTemplateId" "name='sourceTemplateId'" "value=templateId")
   d. file updated successfully!

File 5: 'confluence/WEB-INF/atlassian-bundled-plugins/confluence-editor-loader*.jar':
   a. extracting templates/editor-preload-container.vm from confluence/WEB-INF/atlassian-bundled-plugins/confluence-editor-loader-7.4.3.jar..
Archive:  confluence/WEB-INF/atlassian-bundled-plugins/confluence-editor-loader-7.4.3.jar
  inflating: ./templates/editor-preload-container.vm
   b. updating file.. done
   c. showing file changes..
56c56
< #tag ("Hidden" "id=syncRev" "name='syncRev'" "value='$!{action.syncRev}'")
---
> #tag ("Hidden" "id=syncRev" "name='syncRev'" "value=syncRev")
   d. validating file changes.. ok
   e. updating confluence/WEB-INF/atlassian-bundled-plugins/confluence-editor-loader-7.4.3.jar with ./templates/editor-preload-container.vm..updating: templates/editor-preload-container.vm (deflated 59%)
-rw-r--r-- 1 confluence confluence 13404 Sep  7 11:31 confluence/WEB-INF/atlassian-bundled-plugins/confluence-editor-loader-7.4.3.jar
   f. cleaning up temp files..ok
   g. extracting templates/editor-preload-container.vm from confluence/WEB-INF/atlassian-bundled-plugins/confluence-editor-loader-7.4.3.jar again to check changes within JAR..
Archive:  confluence/WEB-INF/atlassian-bundled-plugins/confluence-editor-loader-7.4.3.jar
  inflating: ./templates/editor-preload-container.vm
   h. validating file changes for file within updated JAR.. ok
   i. cleaning up temp files..ok

Update completed!

3) Restart Confluence

$ su confluence
$ /opt/atlassian/confluence/bin/start-confluence.sh

4) Verify that Confluence is working normally
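
The following check is an added example, not part of this guide or of Atlassian's cve-2021-26084-update.sh. It confirms that the pre-fix "value='$...'" attributes shown in the script output above are gone from the five rewritten templates; it assumes the installation directory is passed as the first argument (/opt/atlassian/confluence in this guide) and that unzip is available for the JAR check.

```shell
#!/bin/sh
# Post-mitigation check (added example; not from the guide or Atlassian's
# cve-2021-26084-update.sh). Confirms that the pre-fix "value='$...'" attributes
# shown in the script's diff output are gone from the rewritten templates.
# Usage: check_cve_2021_26084_templates /opt/atlassian/confluence
#        check_cve_2021_26084_jar       /opt/atlassian/confluence

# "relative template path|pre-fix attribute string", taken from the diff output.
CVE_2021_26084_PATTERNS="
confluence/users/user-dark-features.vm|\"value='\$!action.featureKey'\"
confluence/login.vm|\"value='\$!action.token'\"
confluence/pages/createpage-entervariables.vm|\"value='\$!queryString'\"
confluence/pages/createpage-entervariables.vm|\"value='\$linkCreation'\"
confluence/template/custom/content-editor.vm|\"value='\$!queryString'\"
confluence/template/custom/content-editor.vm|\"value='\${templateId}'\"
"

# Return 0 when FILE ($1) no longer contains the fixed string $2, 1 when it does.
template_is_patched() {
  ! grep -qF -- "$2" "$1"
}

# Check every listed template under the installation directory $1. Prints one
# line per check; the return value is the number of checks that still match.
check_cve_2021_26084_templates() {
  remaining=0
  for entry in $CVE_2021_26084_PATTERNS; do
    rel=${entry%%|*}
    pat=${entry#*|}
    if [ ! -f "$1/$rel" ]; then
      echo "missing   $rel"      # reported, but not counted as unpatched
      continue
    fi
    if template_is_patched "$1/$rel" "$pat"; then
      echo "patched   $rel  $pat"
    else
      echo "UNPATCHED $rel  $pat"
      remaining=$((remaining + 1))
    fi
  done
  return "$remaining"
}

# File 5 lives inside confluence-editor-loader*.jar; read it with unzip -p.
# Returns 0 if patched, 1 if the pre-fix string is still there, 2 if no JAR found.
check_cve_2021_26084_jar() {
  set -- "$1"/confluence/WEB-INF/atlassian-bundled-plugins/confluence-editor-loader*.jar
  [ -f "$1" ] || { echo "missing   confluence-editor-loader*.jar"; return 2; }
  ! unzip -p "$1" templates/editor-preload-container.vm |
    grep -qF -- "\"value='\$!{action.syncRev}'\""
}
```

Run both functions as the confluence user after step 2 and before restarting; a non-zero return from either means the template was not rewritten and the backup/diff step of the script should be re-examined.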

References