Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Atlassian Confluence Server 5.9.x < 5.9.14 Secret Key Disclosure

Medium

Synopsis

The remote Confluence server is affected by a secret key disclosure vulnerability.

Description

Versions of Confluence 5.9.x prior to 5.9.14 are affected by a flaw that may result in the secret key used for linked instance communication being exposed. This may allow an authenticated remote attacker to disclose it and gain full control over a linked HipChat instance.

Solution

Upgrade to Confluence 5.9.x version 5.9.14 or later.