Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
hiveproHive ProHIVEPRO:D92A8F5DF20362E41FF86142A0BECE42
HistoryJul 25, 2022 - 11:10 a.m.

Critical Vulnerabilities in Multiple Atlassian Products being exploited-in-wild

2022-07-2511:10:10
Hive Pro
www.hivepro.com
148
JSON

Threat Level Vulnerability Report For a detailed advisory, download the pdf file here Summary Atlassian has released patches to address a critical security flaw, being tracked as CVE-2022-26138 involving the usage of hard-coded credentials in the Questions For Confluence app for Confluence Server and Confluence Data Center. Additionally, CVE-2022-26136 has been assigned to an authentication bypass and cross-site scripting (XSS) vulnerabilities and CVE-2022-26137 has been assigned to a Cross-origin resource sharing (CORS) bypass vulnerability. Both CVEs impact multiple Atlassian products.

Related

thn 3
rapid7blog 4
nessus 19
atlassian 9
talosblog 1
attackerkb 1
githubexploit 2
checkpoint_advisories 1
cisa 1
cve 3
prion 3
cisa_kev 1
nuclei 1
qualysblog 3
avleonov 1
thn
thn
Atlassian Rolls Out Security Patch for Critical Confluence Vulnerability
2022-07-21 08:41:00
Latest Critical Atlassian Confluence Vulnerability Under Active Exploitation
2022-07-29 03:19:00
CISA Warns of Atlassian Confluence Hard-Coded Credential Bug Exploited in Attacks
2022-07-30 03:54:00
rapid7blog
rapid7blog
Active Exploitation of Atlassian’s Questions for Confluence App CVE-2022-26138
2022-07-27 19:26:38
CVE-2022-36804: Easily Exploitable Vulnerability in Atlassian Bitbucket Server and Data Center
2022-09-20 15:14:26
Active Exploitation of Multiple Vulnerabilities in Zimbra Collaboration Suite
2022-08-17 12:55:18
nessus
nessus
Atlassian Jira < 8.13.22 Multiple Servlet Filter Vulnerabilities
2022-07-28 00:00:00
Atlassian Confluence 7.15.x < 7.15.2 Multiple Servlet Filter Vulnerabilities
2022-07-28 00:00:00
Atlassian Confluence < 7.4.17 Multiple Servlet Filter Vulnerabilities
2022-07-28 00:00:00
atlassian
atlassian
JSM: Multiple Servlet Filter Vulnerabilities
2022-07-05 16:36:03
Jira: Multiple Servlet Filter Vulnerabilities
2022-06-09 20:36:47
Bamboo: Multiple Servlet Filter Vulnerabilities
2022-07-05 16:48:15
talosblog
talosblog
Threat Source newsletter (Aug. 4, 2022) β€” BlackHat 2022 preview
2022-08-04 18:00:00
attackerkb
attackerkb
CVE-2022-26138
2022-07-20 00:00:00
githubexploit
githubexploit
Exploit for Use of Hard-coded Credentials in Atlassian Questions For Confluence
2022-07-28 09:48:21
Exploit for Use of Hard-coded Credentials in Atlassian Questions For Confluence
2022-07-30 07:14:52
checkpoint_advisories
checkpoint_advisories
Atlassian Questions for Confluence App Hardcoded Credentials (CVE-2022-26138)
2022-08-08 00:00:00
cisa
cisa
Atlassian Releases Security Advisory for Questions for Confluence App, CVE-2022-26138
2022-07-22 00:00:00
cve
cve
CVE-2022-26138
2022-07-20 18:15:00
CVE-2022-26136
2022-07-20 18:15:00
CVE-2022-26137
2022-07-20 18:15:00
prion
prion
Hardcoded credentials
2022-07-20 18:15:00
Cross site scripting
2022-07-20 18:15:00
Design/Logic Flaw
2022-07-20 18:15:00
cisa_kev
cisa_kev
Atlassian Questions For Confluence App Hard-coded Credentials Vulnerability
2022-07-29 00:00:00
nuclei
nuclei
Atlassian Questions For Confluence - Hardcoded Credentials
2022-07-21 15:23:23
qualysblog
qualysblog
Atlassian Confluence: Questions for Confluence App Hardcoded Credentials Vulnerability (CVE-2022-26138)
2022-08-17 10:12:53
Introducing Qualys Threat Research Thursdays
2022-09-01 21:00:00
August 2022 Patch Tuesday | Microsoft Releases 121 Vulnerabilities with 17 Critical, plus 20 Microsoft Edge (Chromium-Based); Adobe Releases 5 Advisories, 25 Vulnerabilities with 15 Critical.
2022-08-09 20:00:00
avleonov
avleonov
Vulnerability Management news and publications #2
2022-08-14 11:30:44
JSON
Related for HIVEPRO:D92A8F5DF20362E41FF86142A0BECE42
thn3rapid7blog4nessus19atlassian9talosblog1attackerkb1githubexploit2checkpoint_advisories1cisa1cve3prion3cisa_kev1nuclei1qualysblog3avleonov1