Colin Mc Hugo
Security Engineer Manager & CEO at Quantum Infinite Solutions Group Ltd.

Atlassian Rolls Out Security Patch for Critical Confluence Vulnerability

July 21, 2022
Atlassian Confluence Vulnerability

Atlassian has rolled out fixes to remediate a critical security vulnerability involving the use of hard-coded credentials in the Questions For Confluence app for Confluence Server and Confluence Data Center.

The flaw, tracked as CVE-2022-26138, arises when the app in question is enabled on either of the two services, causing it to create a Confluence user account with the username "disabledsystemuser."

While this account, Atlassian says, is intended to help administrators migrate data from the app to Confluence Cloud, it is also created with a hard-coded password, effectively allowing viewing and editing of all non-restricted pages within Confluence by default.

"A remote, unauthenticated attacker with knowledge of the hard-coded password could exploit this to log into Confluence and access any pages the confluence-users group has access to," the company said in an advisory, adding that "the hard-coded password is trivial to obtain after downloading and reviewing affected versions of the app."

Questions for Confluence versions 2.7.34, 2.7.35, and 3.0.2 are affected by the flaw, with fixes available in versions 2.7.38 and 3.0.5. Alternatively, users can disable or delete the disabledsystemuser account.

While Atlassian has stated that there is no evidence of active exploitation of the flaw, users can look for indicators of compromise by checking the last authentication time for the account. "If the last authentication time for disabledsystemuser is null, that means the account exists but no one has ever logged into it," it said.
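The two checks the advisory gives (is the installed app version an affected or fixed release, and does the disabledsystemuser account exist and has it ever authenticated) can be turned into a small triage script. The following is an added example written for this article; it is not Atlassian's tooling and contacts no live system. It assumes a hypothetical user-directory export shaped as a list of dicts with "username", "active" and "last_authenticated" keys, and the user records in it are constructed sample data.

```python
"""Triage helper for CVE-2022-26138 (Questions for Confluence hard-coded credentials).
Added example, not Atlassian's code. Encodes the advisory's two checks: which app
versions are affected or fixed, and whether the "disabledsystemuser" account exists
and has ever authenticated (a null last-authentication time means the account exists
but no one has logged into it)."""

# Figures from the Atlassian advisory quoted in the article.
AFFECTED_VERSIONS = {"2.7.34", "2.7.35", "3.0.2"}
FIXED_VERSIONS = {"2.7.38", "3.0.5"}
HARDCODED_ACCOUNT = "disabledsystemuser"

# Constructed sample export in a hypothetical shape; map your own
# user-directory export into this list-of-dicts form.
SAMPLE_USERS = [
    {"username": "admin", "active": True, "last_authenticated": "2022-07-20T09:12:00Z"},
    {"username": "disabledsystemuser", "active": True, "last_authenticated": None},
]


def version_status(app_version: str) -> str:
    """Classify an installed Questions for Confluence version against the advisory."""
    if app_version in AFFECTED_VERSIONS:
        return "affected"
    if app_version in FIXED_VERSIONS:
        return "fixed"
    # Neither named as affected nor as a fix: consult the advisory directly.
    return "not-listed"


def account_status(users: list) -> str:
    """Apply the advisory's indicator-of-compromise logic to the account record."""
    record = next((u for u in users if u.get("username") == HARDCODED_ACCOUNT), None)
    if record is None:
        # Never created, or already deleted (one of the two mitigations).
        return "absent"
    if record.get("last_authenticated") is not None:
        # Someone has logged in with the hard-coded credentials: treat as a
        # possible compromise even if the account has since been disabled.
        return "logged-in-investigate"
    if not record.get("active", True):
        # Disabled (the other mitigation) and never used.
        return "disabled-never-used"
    # Exists with the hard-coded password and has never been logged into.
    return "present-never-used"


def triage(app_version: str, users: list) -> dict:
    """Combine both checks into a report listing the actions the advisory names."""
    v_status = version_status(app_version)
    a_status = account_status(users)
    actions = []
    if v_status == "affected":
        actions.append("upgrade Questions for Confluence to 2.7.38 or 3.0.5")
    if a_status == "present-never-used":
        actions.append("disable or delete the disabledsystemuser account")
    if a_status == "logged-in-investigate":
        actions.append("investigate the recorded login as a possible compromise")
    return {"version_status": v_status, "account_status": a_status, "actions": actions}


if __name__ == "__main__":
    # Run the sample: affected version, account present but never used.
    for key, value in triage("2.7.35", SAMPLE_USERS).items():
        print(f"{key}: {value}")
```

The ordering in account_status matters: a non-null last-authentication time is checked before the active flag, because disabling the account after someone has logged into it does not erase the evidence that the hard-coded credentials were used.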

Separately, the Australian software company also moved to patch a pair of critical flaws, which it calls servlet filter dispatcher vulnerabilities, affecting multiple products:

  • Bamboo Server and Data Center
  • Bitbucket Server and Data Center
  • Confluence Server and Data Center
  • Crowd Server and Data Center
  • Fisheye and Crucible
  • Jira Server and Data Center, and
  • Jira Service Management Server and Data Center

Successful exploitation of the bugs, tracked as CVE-2022-26136 and CVE-2022-26137, could allow an unauthenticated, remote attacker to bypass authentication used by third-party apps, execute arbitrary JavaScript code, and circumvent the cross-origin resource sharing (CORS) browser mechanism by sending a specially crafted HTTP request.

"Atlassian has released updates that fix the root cause of this vulnerability, but has not exhaustively enumerated all potential consequences of this vulnerability," the company cautioned in its advisory for CVE-2022-26137.
