CVE-2022-26138

Atlassian Questions For Confluence App Hard-coded Credentials Vulnerability

Severity Score

9.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

4
*Multiple Sources

Exploited in Wild

Yes
*KEV

Decision

-
*SSVC
Descriptions

The Atlassian Questions For Confluence app for Confluence Server and Data Center creates a Confluence user account in the confluence-users group with the username disabledsystemuser and a hardcoded password. A remote, unauthenticated attacker with knowledge of the hardcoded password could exploit this to log into Confluence and access all content accessible to users in the confluence-users group. This user account is created when installing versions 2.7.34, 2.7.35, and 3.0.2 of the app.

Atlassian Questions For Confluence App has hard-coded credentials, exposing the username and password in plaintext. A remote unauthenticated attacker can use these credentials to log into Confluence and access all content accessible to users in the confluence-users group.
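Two things a defender wants after reading the description above: whether the disabledsystemuser account exists on an instance and sits in confluence-users, and whether it has already been used. The script below is an added example, not Atlassian's tooling or code from this page. It assumes the Confluence Server/Data Center REST endpoints GET /rest/api/user?username=... (404 when the user does not exist) and GET /rest/api/user/memberof?username=..., queried with an administrator's Basic auth header, and it assumes the access log uses Atlassian's default Tomcat AccessLogValve pattern "%t %{X-AUSERNAME}o %I %h %r %s %Dms %b %{Referer}i %{User-Agent}i"; check conf/server.xml on your own host. The log lines are constructed for the demonstration.

```python
import json
import re
import urllib.error
import urllib.request

SUSPECT_USER = "disabledsystemuser"   # account named in the advisory
SUSPECT_GROUP = "confluence-users"    # group the installer places it in

# Assumed default Confluence access-log pattern (Tomcat AccessLogValve):
#   %t %{X-AUSERNAME}o %I %h %r %s %Dms %b %{Referer}i %{User-Agent}i
# Anonymous requests carry "-" in the X-AUSERNAME column.
LOG_RE = re.compile(
    r"^\[(?P<ts>[^\]]+)\]\s+(?P<user>\S+)\s+(?P<thread>\S+)\s+(?P<ip>\S+)\s+"
    r"(?P<method>[A-Z]+)\s+(?P<path>\S+)\s+\S+\s+(?P<status>\d{3})\s+(?P<ms>\d+)ms\s+"
    r"(?P<bytes>\S+)\s+(?P<referer>\S+)\s+(?P<ua>.*)$"
)


def find_suspect_activity(lines):
    """Return one record per request the access log attributes to disabledsystemuser."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m or m["user"].lower() != SUSPECT_USER:
            continue
        hits.append({"ts": m["ts"], "ip": m["ip"], "method": m["method"],
                     "path": m["path"], "status": int(m["status"]), "ua": m["ua"]})
    return hits


def summarize_by_ip(hits):
    """Group the paths reached by the account per source IP for the incident write-up."""
    by_ip = {}
    for h in hits:
        by_ip.setdefault(h["ip"], []).append(h["path"])
    return by_ip


def assess_account(user_info, memberships):
    """Turn the two REST responses into a verdict.

    user_info:   parsed JSON of /rest/api/user?username=..., or None if the API returned 404.
    memberships: parsed JSON of /rest/api/user/memberof?username=..., or None.
    """
    if user_info is None:
        return {"present": False, "in_confluence_users": False,
                "action": "none: account not found"}
    groups = {g.get("name") for g in (memberships or {}).get("results", [])}
    in_group = SUSPECT_GROUP in groups
    action = ("disable or delete the account, then review its activity in the access log"
              if in_group else
              "account exists outside confluence-users; still remove it and review activity")
    return {"present": True, "in_confluence_users": in_group, "action": action}


def fetch_json(base_url, path, auth_header, opener=urllib.request.urlopen):
    """GET a Confluence REST resource as an admin; None on 404, raise on other errors."""
    req = urllib.request.Request(base_url.rstrip("/") + path,
                                 headers={"Authorization": auth_header,
                                          "Accept": "application/json"})
    try:
        with opener(req) as resp:
            return json.loads(resp.read().decode())
    except urllib.error.HTTPError as e:
        if e.code == 404:
            return None
        raise


def check_instance(base_url, auth_header, opener=urllib.request.urlopen):
    """Query both endpoints for the suspect user and return assess_account()'s verdict."""
    q = f"?username={SUSPECT_USER}"
    info = fetch_json(base_url, "/rest/api/user" + q, auth_header, opener)
    groups = fetch_json(base_url, "/rest/api/user/memberof" + q, auth_header, opener) if info else None
    return assess_account(info, groups)


# Constructed sample lines in the assumed log format (not real data).
SAMPLE_LOG = [
    "[22/Jul/2022:10:15:01 +0000] - http-nio-8090-exec-3 198.51.100.7 GET /login.action HTTP/1.1 200 12ms 5120 - Mozilla/5.0",
    "[22/Jul/2022:10:15:04 +0000] disabledsystemuser http-nio-8090-exec-5 203.0.113.10 GET /rest/api/content?limit=200 HTTP/1.1 200 35ms 18230 - curl/7.68.0",
    "[22/Jul/2022:10:15:09 +0000] disabledsystemuser http-nio-8090-exec-5 203.0.113.10 GET /download/attachments/1234/secrets.xlsx HTTP/1.1 200 88ms 91220 - curl/7.68.0",
    "[22/Jul/2022:10:16:00 +0000] alice http-nio-8090-exec-2 10.0.0.5 GET /pages/viewpage.action?pageId=1234 HTTP/1.1 200 41ms 22000 https://wiki.example/ Mozilla/5.0 (X11)",
]

if __name__ == "__main__":
    hits = find_suspect_activity(SAMPLE_LOG)
    print(f"{len(hits)} request(s) by {SUSPECT_USER}:")
    for ip, paths in summarize_by_ip(hits).items():
        print(f"  {ip}: {paths}")
    # Live check (uncomment and supply an admin Basic auth header):
    # print(check_instance("https://confluence.example.com", "Basic <base64 admin:password>"))
```

Run the log scan over the full access-log history back to the day the app was installed, not just recent files: the advisory's affected versions were installed before the fix, so any use of the account before the upgrade is still relevant. Upgrading the app alone does not remove the account; the verdict from assess_account() is what decides whether you must disable or delete it.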

*Credits: N/A
CVSS Scores
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (base score 9.8)
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2022-02-25 CVE Reserved
  • 2022-07-20 CVE Published
  • 2022-07-22 First Exploit
  • 2022-07-29 Exploited in Wild
  • 2022-08-19 KEV Due Date
  • 2024-09-17 CVE Updated
  • 2024-11-08 EPSS Updated
CWE
  • CWE-798: Use of Hard-coded Credentials
CAPEC
Affected Vendors, Products, and Versions

Vendor     Product                   Version  Other  Status    Running on
Atlassian  Questions For Confluence  2.7.34   -      Affected  Atlassian Confluence Data Center (Safe)
Atlassian  Questions For Confluence  2.7.34   -      Affected  Atlassian Confluence Server (Safe)
Atlassian  Questions For Confluence  2.7.35   -      Affected  Atlassian Confluence Data Center (Safe)
Atlassian  Questions For Confluence  2.7.35   -      Affected  Atlassian Confluence Server (Safe)
Atlassian  Questions For Confluence  3.0.2    -      Affected  Atlassian Confluence Data Center (Safe)
Atlassian  Questions For Confluence  3.0.2    -      Affected  Atlassian Confluence Server (Safe)

Status applies to the app: the hard-coded account is created by the installer of these three app versions, so Confluence Server and Confluence Data Center themselves are listed as Safe.