Lucene search

K
cisaCISACISA:B99FA8E68B4D7FF5BA1F6693AC9C7CCF
HistoryJul 22, 2022 - 12:00 a.m.

Atlassian Releases Security Advisory for Questions for Confluence App, CVE-2022-26138

2022-07-2200:00:00
us-cert.cisa.gov
21

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.972 High

EPSS

Percentile

99.8%

Atlassian has released a security advisory to address a vulnerability (CVE-2022-26138) affecting Questions for Confluence App. An attacker could exploit this vulnerability to obtain sensitive information. Atlassian reports that the vulnerability is likely to be exploited in the wild.

CISA encourages users and administrators to review Atlassian’s security advisory, Questions For Confluence Security Advisory 2022-07-20, and apply the necessary updates immediately.

This product is provided subject to this Notification and this Privacy & Use policy.

Please share your thoughts.

We recently updated our anonymous product survey; we’d welcome your feedback.

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.972 High

EPSS

Percentile

99.8%