Confluence Vulnerability Remediation Guide (CVE-2021-26084)

Confluence Server and Data Center is affected by a critical security vulnerability

1. Atlassian discovered a vulnerability in Confluence and published a security advisory

If you have already upgraded to a fixed version, no further action is needed.

  • Upgrading to the Confluence version recommended by Atlassian is the preferred fix; if an immediate upgrade is not possible, follow the migration procedure below

 

2. Migration procedure

1) Stop the Confluence service

$ <Confluence installed dir>/bin/stop-confluence.sh

 

2) Download and save cve-2021-26084-update.sh

3) Create cve-2021-26084-update.sh and run it (enter the Confluence installation directory on line 14 of the sh file, then save)

$ ./cve-2021-26084-update.sh

 

<Example output>

INSTALLATION_DIRECTORY=/opt/atlassian/confluence
$ chmod 777 cve-2021-26084-update.sh
$ su confluence
$ ./cve-2021-26084-update.sh   # check that the last line reads "Update completed!"

chdir '/opt/atlassian/confluence'
File 1: 'confluence/users/user-dark-features.vm':
a. backing up file.. done
b. updating file.. done
c. showing file changes..
70c70
< #tag( "Component" "label='Enable dark feature:'" "name='featureKey'" "value='$!action.featureKey'" "theme='aui'" "template='text.vm'")
---
> #tag( "Component" "label='Enable dark feature:'" "name='featureKey'" "value=featureKey" "theme='aui'" "template='text.vm'")
d. validating file changes.. ok
e. file updated successfully!
File 2: 'confluence/login.vm':
a. backing up file.. done
b. updating file.. done
c. showing file changes..
147c147
< #tag( "Hidden" "name='token'" "value='$!action.token'" )
---
> #tag( "Hidden" "name='token'" "value=token" )
d. validating file changes.. ok
e. file updated successfully!
File 3: 'confluence/pages/createpage-entervariables.vm':
a. backing up file.. done
b. updating file.. done
c. showing file changes..
24c24
< #tag ("Hidden" "name='queryString'" "value='$!queryString'")
---
> #tag ("Hidden" "name='queryString'" "value=queryString")
26c26
< #tag ("Hidden" "name='linkCreation'" "value='$linkCreation'")
---
> #tag ("Hidden" "name='linkCreation'" "value=linkCreation")
d. validating file changes..ok
e. file updated successfully!
File 4: 'confluence/template/custom/content-editor.vm':
a. backing up file.. done
b. updating file.. done
c. showing file changes..
64c64
< #tag ("Hidden" "name='queryString'" "value='$!queryString'")
---
> #tag ("Hidden" "name='queryString'" "value=queryString")
85c85
< #tag ("Hidden" "id=sourceTemplateId" "name='sourceTemplateId'" "value='${templateId}'")
---
> #tag ("Hidden" "id=sourceTemplateId" "name='sourceTemplateId'" "value=templateId")
d. file updated successfully!
File 5: 'confluence/WEB-INF/atlassian-bundled-plugins/confluence-editor-loader*.jar':
a. extracting templates/editor-preload-container.vm from confluence/WEB-INF/atlassian-bundled-plugins/confluence-editor-loader-7.4.3.jar..
Archive: confluence/WEB-INF/atlassian-bundled-plugins/confluence-editor-loader-7.4.3.jar
inflating: ./templates/editor-preload-container.vm
b. updating file.. done
c. showing file changes..
56c56
< #tag ("Hidden" "id=syncRev" "name='syncRev'" "value='$!{action.syncRev}'")
---
> #tag ("Hidden" "id=syncRev" "name='syncRev'" "value=syncRev")
d. validating file changes.. ok
e. updating confluence/WEB-INF/atlassian-bundled-plugins/confluence-editor-loader-7.4.3.jar with ./templates/editor-preload-container.vm..
updating: templates/editor-preload-container.vm (deflated 59%)
-rw-r--r-- 1 confluence confluence 13404 Sep 7 11:31 confluence/WEB-INF/atlassian-bundled-plugins/confluence-editor-loader-7.4.3.jar
f. cleaning up temp files..ok
g. extracting templates/editor-preload-container.vm from confluence/WEB-INF/atlassian-bundled-plugins/confluence-editor-loader-7.4.3.jar again to check changes within JAR..
Archive: confluence/WEB-INF/atlassian-bundled-plugins/confluence-editor-loader-7.4.3.jar
inflating: ./templates/editor-preload-container.vm
h. validating file changes for file within updated JAR.. ok
i. cleaning up temp files..ok
Update completed!

4) Start the Confluence service
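A post-update verification script, added here as an example and not part of Atlassian's guide or its update script: before restarting, it greps each template the procedure above rewrites (and the one packed inside the editor-loader JAR) for the pre-update form of the value attribute. It assumes, from the example output, that the unpatched form is the interpolated-in-quotes pattern ("value='$!action.token'") and the patched form is the bare reference ("value=token"); the sample login.vm contents are constructed from that output.

```shell
#!/bin/sh
# Post-update check for the CVE-2021-26084 template fix (added example, not Atlassian's script).
# Assumption: a #tag(...) line is unpatched when its value attribute interpolates a variable
# inside quotes ("value='$!action.token'") and patched when it passes the bare name ("value=token").
# Templates the update script rewrites, relative to the Confluence installation directory
TEMPLATES="confluence/users/user-dark-features.vm confluence/login.vm \
confluence/pages/createpage-entervariables.vm confluence/template/custom/content-editor.vm"
# Returns 0 if the file has no quoted-interpolation value attribute, 1 if it still has one
# (offending lines are printed with line numbers), 2 if the file cannot be read.
check_vm_file() {
    [ -r "$1" ] || { echo "cannot read: $1"; return 2; }
    if grep -nE '#tag.*"value='"'"'\$' "$1"; then return 1; fi
    return 0
}
# Same check for the template packed inside the version-suffixed editor-loader JAR (needs unzip)
check_jar_template() {
    for jar in "$1"/confluence/WEB-INF/atlassian-bundled-plugins/confluence-editor-loader*.jar; do
        [ -f "$jar" ] || continue
        tmp=$(mktemp)
        unzip -p "$jar" templates/editor-preload-container.vm > "$tmp" || { rm -f "$tmp"; return 2; }
        check_vm_file "$tmp"; jrc=$?
        rm -f "$tmp"
        return $jrc
    done
    return 0
}
# Returns 0 only when every template found on disk and in the JAR is patched
check_installation() {
    rc=0
    for f in $TEMPLATES; do
        [ -f "$1/$f" ] || { echo "missing (skipped): $1/$f"; continue; }
        check_vm_file "$1/$f" || rc=1
    done
    check_jar_template "$1" || rc=1
    return $rc
}
# Constructed sample: login.vm line 147 before and after the update, as in the output above
make_samples() {
    mkdir -p "$1/confluence"
    cat > "$1/confluence/login.vm" <<'EOF'
#tag( "Hidden" "name='token'" "value='$!action.token'" )
EOF
    cat > "$1/confluence/login-patched.vm" <<'EOF'
#tag( "Hidden" "name='token'" "value=token" )
EOF
}
# Usage: ./check-cve-2021-26084.sh /opt/atlassian/confluence  (exit status 0 means all patched)
if [ $# -gt 0 ]; then check_installation "$1"; fi
```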