Threat Advisory

Critical Atlassian Confluence Vulnerability Under Active Exploitation

August 1, 2022 | By Accorian

Last week, Atlassian released a patch for a critical flaw in its Question for Confluence app for Confluence Server and Confluence Data Center. The vulnerability was tracked as CVE-2022-26138 and was considered a critical severity. The issue existed because the Questions for Confluence application creates a user account with a hardcoded password when the username disabledsystemuser is used. The disabledsystemuser account is then by default added to the confluence-users group, which allows viewing and editing of all non-restricted pages. 

A few days after the fix was rolled out, the hardcoded password was leaked on social media, igniting this vulnerability’s active exploitation. The vulnerability only exists when the Questions for Confluence app is enabled on the affected versions. These are Questions for Confluence 2.7.x, 2.7.34, 2.7.35, Questions for Confluence, 3.0.x, 3.0.2. 

Accorian urges all its customers to update their on-premises instances to the latest versions (2.7.38 and 3.0.5) as soon as possible or take steps to disable/delete the disabledsystemuser account. Uninstalling the Questions for Confluence app does not remediate the flaw, as the created account does not get automatically removed after the app has been uninstalled. Atlassian’s advisory also includes information on how to look for evidence of exploitation. 

Accorian can help identify this vulnerability in your environment.  

Source: https://confluence.atlassian.com/doc/questions-for-confluence-security-advisory-2022-07-20-1142446709.html 

Threat Advisory Team 

Accorian

Recent Post

    Ready to Start?



      Ready to Start?



        Download Case study




          Download Guide




          Human Resources Director

          Posted On: 09 May, 2022

          Drop your CVs to joinourteam@accorian.com

            Interested Position

            First Name

            Last Name

            Email

            Total Experience

            Mobile Number

            Upload Resume