Atlassian Critical Flaws in Almost Everything it Makes and Touches

upnorth

upnorth

Moderator
Thread author
Verified
Staff Member
Malware Hunter
Well-known
Jul 27, 2015
5,459
Content source
https://www.theregister.com/2022/07/21/atlassian_critical_security_advisories/
Atlassian has warned users of its Bamboo, Bitbucket, Confluence, Fisheye, Crucible, and Jira products that a pair of critical-rated flaws threaten their security.

The company's July security advisories detail "Servlet Filter dispatcher vulnerabilities." One of the flaws – CVE-2022-26136 – is described as an arbitrary Servlet Filter bypass that means an attacker could send a specially crafted HTTP request to bypass custom Servlet Filters used by third-party apps to enforce authentication. The scary part is that the flaw allows a remote, unauthenticated attacker to bypass authentication used by third-party apps. The really scary part is that Atlassian doesn't have a definitive list of apps that could be impacted.
Click to expand...
www.theregister.com

Atlassian reveals critical flaws across its product line

Fixes issued, warns it 'has not exhaustively enumerated all potential consequences'
www.theregister.com www.theregister.com

Search Atlassian Customers & Their Stories | Atlassian

Atlassian powers teamwork at 170,000+ companies worldwide, regardless of industry or size. Search our customer case studies!
www.atlassian.com www.atlassian.com
White Rabbit Nft GIF by OddballMerc
rabbit hole GIF
 
  • Thanks
  • Wow
  • Like
Reactions: Nevi, dinosaur07, Gandalf_The_Grey and 3 others
upnorth

upnorth

Moderator
Thread author
Verified
Staff Member
Malware Hunter
Well-known
Jul 27, 2015
5,459
Hardcoded password in Confluence app has been leaked on Twitter.

What's worse than a widely used Internet-connected enterprise app with a hardcoded password? Try said enterprise app after the hardcoded password has been leaked to the world. Atlassian on Wednesday revealed three critical product vulnerabilities, including CVE-2022-26138 stemming from a hardcoded password in Questions for Confluence, an app that allows users to quickly receive support for common questions involving Atlassian products. The company warned the passcode was "trivial to obtain."

The company said that Questions for Confluence had 8,055 installations at the time of publication. When installed, the app creates a Confluence user account named disabledsystemuser, which is intended to help admins move data between the app and the Confluence Cloud service. The hardcoded password protecting this account allows for viewing and editing of all non-restricted pages within Confluence.
Click to expand...
"This issue is likely to be exploited in the wild now that the hardcoded password is publicly known," the updated advisory read. "This vulnerability should be remediated on affected systems immediately."

The company warned that even when Confluence installations don't actively have the app installed, they may still be vulnerable. Uninstalling the app doesn't automatically remediate the vulnerability because the disabledsystemuser account can still reside on the system.
Click to expand...
arstechnica.com

Hardcoded password in Confluence app has been leaked on Twitter

Advisory had already warned hardcoded password was "trivial to obtain."
arstechnica.com arstechnica.com

 
  • Like
Reactions: Gandalf_The_Grey, Nevi, harlan4096 and 1 other person
You must log in or register to reply here.

Similar threads

MuzzMelbourne
    • Like
Atlassian Drops Patches for Critical Jira Authentication Bypass Vulnerability
Replies
2
Views
638
News Archive
ForgottenSeer 94654
F
Gandalf_The_Grey
    • Like
    • Applause
    • +Reputation
APC warns of critical unauthenticated RCE flaws in UPS software
Replies
0
Views
1,378
News Archive
Gandalf_The_Grey
Gandalf_The_Grey
vtqhtr413
    • Like
    • +Reputation
Critical Security Vulnerabilities Discovered in Netcomm and TP-Link Routers
Replies
0
Views
494
News Archive
vtqhtr413
vtqhtr413

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top