13 matches found
Atlassian Confluence: Questions for Confluence App Hardcoded Credentials Vulnerability (CVE-2022-26138)
Over the last few months, Atlassian Confluence has increasingly become a target for attackers. In June 2022, a critical severity OGNL Remote Code Execution vulnerability was disclosed CVE-2022-26134. More recently, CVE-2022-26138 was disclosed on social media platforms in July 2022. In...
Questions for Confluence App Default Credentials (CVE-2022-26138)
The remote confluence web application uses a known set of hard-coded default credentials of the 'Questions for Confluence' marketplace application. An attacker can exploit this to gain administrative access to the remote host. C Tenable, Inc. include'compat.inc'; if description scriptid164091;...
Atlassian Questions for Confluence App Hardcoded Credentials (CVE-2022-26138)
A hardcoded credentials vulnerability exists in Atlassian Questions for Confluence App. Successful exploitation of this vulnerability would allow remote attackers to obtain sensitive information and gain unauthorized access into the affected system...
Exploit for Use of Hard-coded Credentials in Atlassian Questions_For_Confluence
CVE-2022-26138 1. Introduction Confluence Hardcoded Pass...
CISA Warns of Atlassian Confluence Hard-Coded Credential Bug Exploited in Attacks
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Friday added the recently disclosed Atlassian security flaw to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. The vulnerability, tracked as CVE-2022-26138, concerns the use of hard-coded...
Latest Critical Atlassian Confluence Vulnerability Under Active Exploitation
A week after Atlassian rolled out patches to contain a critical flaw in its Questions For Confluence app for Confluence Server and Confluence Data Center, the shortcoming has now come under active exploitation in the wild. The bug in question is CVE-2022-26138, which concerns the use of a...
VulnCheck KEV: CVE-2022-26138
Atlassian Questions For Confluence App has hard-coded credentials, exposing the username and password in plaintext. A remote unauthenticated attacker can use these credentials to log into Confluence and access all content accessible to users in the confluence-users group...
Active Exploitation of Atlassian’s Questions for Confluence App CVE-2022-26138
Exploitation is underway for one of the trio of critical Atlassian vulnerabilities that were published last week affecting several the company’s on-premises products. Atlassian has been a focus for attackers, as it was less than two months ago that we observed exploitation of CVE-2022-26134 in...
Atlassian Rolls Out Security Patch for Critical Confluence Vulnerability
Atlassian has rolled out fixes to remediate a critical security vulnerability pertaining to the use of hard-coded credentials affecting the Questions For Confluence app for Confluence Server and Confluence Data Center. The flaw, tracked as CVE-2022-26138, arises when the app in question is enable...
Atlassian Confluence < 7.4.17 / 7.13.x < 7.13.6 / < 7.14.3 / 7.15.x < 7.15.2 / 7.16.x < 7.16.4 / 7.17.x < 7.17.2 (CONFSERVER-79483)
The version of Atlassian Confluence installed on the remote host is prior to 7.4.17 / 7.13.x 7.13.6 / 7.14.x 7.14.3 / 7.15.x 7.15.2 / 7.16.x 7.16.4 / 7.17.x 7.17.2. It is potentially affected by a hard-coded credential vulnerability if the 'Questions for Confluence' app is installed. The Atlassia...
CVE-2022-26138
creationtimestamp| type| source ---|---|--- 2022-07-20 22:12:10+00:00| seen| https://t.me/cibsecurity/46710 2022-07-21 09:41:41+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/2752 2022-07-21 10:43:47+00:00| seen| https://t.me/thehackernews/2397 2022-07-21 11:13:53+00:00| seen|...
CVE-2022-26138
The Atlassian Questions For Confluence app for Confluence Server and Data Center creates a Confluence user account in the confluence-users group with the username disabledsystemuser and a hardcoded password. A remote, unauthenticated attacker with knowledge of the hardcoded password could exploit...
CVE-2022-26138
CVE-2022-26138 affects Atlassian’s Questions for Confluence app on Confluence Server/Data Center. The vulnerability arises because the app creates a Confluence user account named disabledsystemuser in the confluence-users group with a hardcoded password, and the account is not disabled by default...