Protect Your XWiki Platform from Rollback Attacks

CVE: CVE-2024-21648
CVSS v3.1: 8
Source: CVE-2024-21648

XWiki Platform is an open source wiki software that allows users to collaboratively edit and manage content. Researchers discovered a vulnerability in older versions of XWiki Platform that could allow attackers to gain unauthorized access.

The issue stems from a missing access-control check when rolling back wiki pages to previous versions. By exploiting this, an attacker could roll back a page they no longer had access to and assume the permissions of the previous editor. This effectively grants the attacker higher privileges on the wiki.

To perform the attack, the attacker would need to identify a page they could previously edit but from which they were later restricted. They would then roll back that page to a version from the time when they still had permissions. This bypass would give the attacker control over that page and potentially more areas of the wiki.

The good news is that this vulnerability has been addressed in recent XWiki Platform releases. Users are encouraged to upgrade to version 14.10.17 or higher to protect their wiki from this rollback attack scenario. Administrators should also manage access rights carefully and monitor the wiki for suspicious activity involving page rollbacks.
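As an added illustration (not XWiki's code or data model; the `Page`/`Version` classes, the `editors` set and the user names are constructed), here is the missing-check rollback pattern described above beside a checked one, together with the kind of monitoring check an administrator can run over page history:

```python
from dataclasses import dataclass, field
# Constructed, simplified model of a wiki page with a revision history and an
# edit access list. Added illustration only, not XWiki's model or API.

@dataclass
class Version:
    number: int
    author: str
    content: str

@dataclass
class Page:
    name: str
    editors: set                      # users allowed to edit the page right now
    history: list = field(default_factory=list)

    def current(self) -> Version:
        return self.history[-1]

def edit(page: Page, user: str, content: str) -> Version:
    """Normal edit path: refused unless the user currently holds edit rights."""
    if user not in page.editors:
        raise PermissionError(f"{user} may not edit {page.name}")
    page.history.append(Version(len(page.history) + 1, user, content))
    return page.current()

def rollback_unchecked(page: Page, user: str, to_version: int) -> Version:
    """Vulnerable pattern: the old revision is restored without asking whether
    `user` may edit the page now, and it stays attributed to its original
    author, so the requester regains that author's footing on the page."""
    old = page.history[to_version - 1]
    page.history.append(Version(len(page.history) + 1, old.author, old.content))
    return page.current()

def rollback_checked(page: Page, user: str, to_version: int) -> Version:
    """Hardened pattern: a rollback is just another edit, so it needs the
    requester's current edit right and is attributed to the requester
    (a hardening choice made for this model)."""
    if user not in page.editors:
        raise PermissionError(f"{user} may not roll back {page.name}")
    if not 1 <= to_version <= len(page.history):
        raise ValueError(f"no version {to_version} of {page.name}")
    old = page.history[to_version - 1]
    page.history.append(Version(len(page.history) + 1, user, old.content))
    return page.current()

def current_author_unauthorized(page: Page) -> bool:
    """Monitoring check: live revision attributed to a user without edit rights."""
    return page.current().author not in page.editors
```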

By keeping your XWiki Platform software updated, you can help prevent attackers from exploiting vulnerabilities and compromising your wiki collaboration environment. Stay vigilant and always verify the source of software updates.
