Vulnerability

CVE-2022-26138

Reference to the description: https://nvd.nist.gov/vuln/detail/CVE-2022-26138

Description:
The Atlassian Questions For Confluence app for Confluence Server and Data Center creates a Confluence user account in the confluence-users group with the username disabledsystemuser and a hardcoded password. A remote, unauthenticated attacker with knowledge of the hardcoded password could exploit this to log into Confluence and access all content accessible to users in the confluence-users group. This user account is created when installing versions 2.7.34, 2.7.35, and 3.0.2 of the app.

Last updated date: 08/04/2022

Reports

ACTIVELY EXPLOITED

Type: exploitation
Confidence: HIGH
Date of publishing: 07/24/2022
Reference url to background: https://twitter.com/Shadowserver/status/1550958400632066048

Type: exploit
Confidence: HIGH
Date of publishing: 07/21/2022

Type: exploit
Confidence: HIGH
Date of publishing: 07/28/2022

Type: exploit
Confidence: HIGH
Date of publishing: 07/30/2022
Reference url to background: https://github.com/z92g/CVE-2022-26138
