CVE-2022-26138
Atlassian Questions For Confluence App Hard-coded Credentials Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits: 4
Exploited in Wild: Yes
Decision
Descriptions
The Atlassian Questions For Confluence app for Confluence Server and Data Center creates a Confluence user account in the confluence-users group with the username disabledsystemuser and a hardcoded password. A remote, unauthenticated attacker with knowledge of the hardcoded password could exploit this to log into Confluence and access all content accessible to users in the confluence-users group. This user account is created when installing versions 2.7.34, 2.7.35, and 3.0.2 of the app.
The Atlassian Questions For Confluence app for Confluence Server and Data Center creates a Confluence user account in the confluence-users group with the username disabledsystemuser and an embedded (hard-coded) password. A remote, unauthenticated attacker who knows the embedded password could exploit this to log into Confluence and access all content accessible to users in the confluence-users group. This user account is created when versions 2.7.34, 2.7.35 and 3.0.2 of the app are installed.
Atlassian Questions For Confluence App has hard-coded credentials, exposing the username and password in plaintext. A remote unauthenticated attacker can use these credentials to log into Confluence and access all content accessible to users in the confluence-users group.
CVSS Scores
SSVC
- Decision: -
Timeline
- 2022-02-25 CVE Reserved
- 2022-07-20 CVE Published
- 2022-07-22 First Exploit
- 2022-07-29 Exploited in Wild
- 2022-08-19 KEV Due Date
- 2024-09-17 CVE Updated
- 2024-11-08 EPSS Updated
CWE
- CWE-798: Use of Hard-coded Credentials
CAPEC
References (6)
URL | Date
---|---
https://github.com/alcaparra/CVE-2022-26138 | 2022-07-26
https://github.com/z92g/CVE-2022-26138 | 2022-07-30
https://github.com/Vulnmachines/Confluence-Question-CVE-2022-26138- | 2022-07-28
https://github.com/shavchen/CVE-2022-26138 | 2022-07-22
https://jira.atlassian.com/browse/CONFSERVER-79483 | 2022-08-04
https://confluence.atlassian.com/doc/confluence-security-advisory-2022-07-20-1142446709.html | 2022-08-04
Affected Vendors, Products, and Versions
Vendor | Product | Version | Status | Running on (Vendor / Product) | Platform Status
---|---|---|---|---|---
Atlassian | Questions For Confluence | 2.7.34 | Affected | Atlassian / Confluence Data Center | Safe
Atlassian | Questions For Confluence | 2.7.34 | Affected | Atlassian / Confluence Server | Safe
Atlassian | Questions For Confluence | 2.7.35 | Affected | Atlassian / Confluence Data Center | Safe
Atlassian | Questions For Confluence | 2.7.35 | Affected | Atlassian / Confluence Server | Safe
Atlassian | Questions For Confluence | 3.0.2 | Affected | Atlassian / Confluence Data Center | Safe
Atlassian | Questions For Confluence | 3.0.2 | Affected | Atlassian / Confluence Server | Safe