The vulnerability can be exploited to compromise credentials

Jul 1, 2013 09:39 GMT

Command Five – a company that focuses on cyber security research, training and consultancy – has published an advisory to warn users about vulnerabilities in Atlassian Crowd, a turnkey solution for enterprise scale single sign-on and secure user authentication.

Over 25,000 companies from all over the world rely on Atlassian’s solutions, including organizations from the automotive, consulting, education, engineering, entertainment, government, health and other industries.

According to the advisory published by Command Five, Crowd users should update their installations as soon as possible because an exploit for a vulnerability discovered in 2012 has become widely available.

The security hole can be leveraged by an attacker to retrieve data and files from the Crowd server by crafting entity URLs. In addition, the flaw can be leveraged for denial-of-service (DoS) attacks.

“If a hacker uses the vulnerability to retrieve a file containing credentials, they can then authenticate with the Crowd server directly, or use the exploit again to bypass trusted proxy/remote address validation as described above,” the advisory reads.

“Successful exploitation of this vulnerability can (but does not necessarily) lead to a hacker taking full control of an organisation’s single sign-on service, potentially resulting in a catastrophic security event. Regardless, successful exploitation is likely to enable high velocity lateral movement within the targeted organization,” researchers explain.

However, the patched vulnerability is not the main concern. Command Five says there is at least one critical vulnerability in Crowd that hasn’t been patched.

The flaw can be exploited by an unauthenticated remote attacker to take full control of any Crowd server they can connect to.

Cybercriminals can compromise application credentials, user credentials, data storage, configured directories and dependent secure systems.

The details of this backdoor will be made available by the researchers only after Atlassian addresses the issue.