Atlassian Expects Confluence App Exploitation After Hardcoded Password Leak


By Ionut Arghire on July 25, 2022

Atlassian has warned customers that a vulnerability in Questions for Confluence will likely be used in attacks after someone made public a piece of information needed to exploit a recently addressed vulnerability.

A knowledge sharing application, Questions for Confluence helps Confluence users quickly access information or share it with others, as well as connect with experts when needed. The application is a paid, optional add-on and is not installed by default on Confluence.

Last week, Atlassian announced patches for a critical vulnerability in the application that impacts the Confluence Server and Data Center products.

Tracked as CVE-2022-26138, the security issue exists because, when enabled on the impacted products, Questions for Confluence creates a user account with the username disabledsystemuser and a hardcoded password.

Because the user account is added to the confluence-users group, it has access to non-restricted pages within Confluence.

Late last week, Atlassian updated its advisory to warn that someone has made the hardcoded password public, and to provide additional information on how to resolve the bug and look for indicators of compromise.

“An external party has discovered and publicly disclosed the hardcoded password on Twitter. It is important to remediate this vulnerability on affected systems immediately,” Atlassian’s updated advisory reads.

“This issue is likely to be exploited in the wild now that the hardcoded password is publicly known. This vulnerability should be remediated on affected systems immediately,” the advisory continues.

According to Atlassian, Questions for Confluence currently has over 8,000 installations. Systems running Questions for Confluence 2.7.34, 2.7.35, or 3.0.2 are impacted, even if the application has been removed.

“Uninstalling the Questions for Confluence app does not remediate this vulnerability. The disabledsystemuser account does not automatically get removed after the app has been uninstalled,” Atlassian warns.

The vulnerability was resolved with the release of Questions for Confluence versions 2.7.38 (compatible with Confluence 6.13.18 through 7.16.2) and 3.0.5 (compatible with Confluence 7.16.3 and later), which no longer contain the hardcoded password and also remove the disabledsystemuser account if it was previously created.

However, Atlassian warns that, if Confluence is configured to use a read-only external directory, users need to manually search for the disabledsystemuser user account and delete or disable it.

“We recommend updating the Questions for Confluence app, which will remove this user from the system. If this isn't possible for any reason, you should disable or delete the user,” Atlassian notes in an FAQ for CVE-2022-26138.
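As an added illustration (not from the article, Atlassian's advisory or the Questions for Confluence app), the script below encodes the affected and fixed versions stated above, maps the advisory's remediation guidance to a single next step for an instance, and scans a constructed authentication-log excerpt for successful logins by disabledsystemuser, treating any such login as the indicator of compromise a defender would hunt for. The log line format and the decision mapping are assumptions made here.

```python
import re
from typing import List, Optional, Tuple

# Facts stated in the article: releases that create the account, and the fixed releases.
AFFECTED_VERSIONS = {(2, 7, 34), (2, 7, 35), (3, 0, 2)}
FIXED_VERSIONS = {2: (2, 7, 38), 3: (3, 0, 5)}   # keyed by major version line
LEAKED_ACCOUNT = "disabledsystemuser"

def parse_version(version: str) -> Tuple[int, ...]:
    return tuple(int(part) for part in version.strip().split("."))

def is_affected(version: str) -> bool:
    """True only for the three releases the advisory lists as shipping the account."""
    return parse_version(version) in AFFECTED_VERSIONS

def recommended_action(version: Optional[str], account_present: bool, readonly_directory: bool) -> str:
    """Map the advisory's guidance to one next step. version=None means the app was uninstalled."""
    if version is not None:
        v = parse_version(version)
        fixed = FIXED_VERSIONS.get(v[0])
        if fixed is None or v < fixed:
            if readonly_directory:
                return "upgrade, then disable or delete disabledsystemuser in the external directory by hand"
            return "upgrade to the fixed release, which removes the account"
    if account_present:
        # Uninstalling the app or using a read-only directory leaves the account behind.
        return "disable or delete disabledsystemuser manually"
    return "no action needed"

# Constructed sample log excerpt (format assumed for this example, not Confluence's real layout).
SAMPLE_LOG = """\
2022-07-21T08:02:11Z login user=jdoe ip=198.51.100.20 result=success
2022-07-22T23:41:07Z login user=disabledsystemuser ip=203.0.113.5 result=success
2022-07-23T01:12:30Z login user=disabledsystemuser ip=203.0.113.5 result=failure
2022-07-23T09:00:00Z login user=asmith ip=198.51.100.21 result=success
"""
LOGIN_RE = re.compile(r"^(?P<ts>\S+) login user=(?P<user>\S+) ip=(?P<ip>\S+) result=(?P<result>\w+)$")

def find_leaked_account_logins(log_text: str) -> List[Tuple[str, str]]:
    """Return (timestamp, ip) for every successful authentication by the leaked account."""
    hits = []
    for line in log_text.splitlines():
        m = LOGIN_RE.match(line)
        if m and m["user"] == LEAKED_ACCOUNT and m["result"] == "success":
            hits.append((m["ts"], m["ip"]))
    return hits

if __name__ == "__main__":
    print(recommended_action("2.7.35", account_present=True, readonly_directory=False))
    print(find_leaked_account_logins(SAMPLE_LOG))
```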

Related: Atlassian Patches Servlet Filter Vulnerabilities Impacting Multiple Products

Related: Cisco Patches Severe Vulnerabilities in Nexus Dashboard

Related: Oracle Releases 349 New Security Patches With July 2022 CPU
