The Atlassian Questions For Confluence app for Confluence Server and Data Center creates a Confluence user account in the confluence-users group with the username disabledsystemuser and a hardcoded password. A remote, unauthenticated attacker with knowledge of the hardcoded password could exploit this to log into Confluence and access all content accessible to users in the confluence-users group. This user account is created when installing versions 2.7.34, 2.7.35, and 3.0.2 of the app.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HAtlassian Confluence Data Center
APPAtlassianwszystkie wersjeAtlassian Confluence Server
APPAtlassianwszystkie wersjeAtlassian Questions For Confluence
APPAtlassian2.7.342.7.353.0.2
CISA KEV — detailsi
- Vendori
- Atlassian ↗
- Producti
- Confluence
- Added to KEVi
- July 29, 2022
- Remediation deadline (US Federal)i
- August 19, 2022(overdue)
Apply updates per vendor instructions.
Atlassian Questions For Confluence App has hard-coded credentials, exposing the username and password in plaintext. A remote unauthenticated attacker can use these credentials to log into Confluence and access all content accessible to users in the confluence-users group.
Related vulnerabilities
RCE via template injection w Atlassian Confluence Data Center i Server
All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. This Imprope...
Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have...
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would a...
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would a...