CVE-2022-26138 - OpenCVE

The Atlassian Questions For Confluence app for Confluence Server and Data Center creates a Confluence user account in the confluence-users group with the username disabledsystemuser and a hardcoded password. A remote, unauthenticated attacker with knowledge of the hardcoded password could exploit this to log into Confluence and access all content accessible to users in the confluence-users group. This user account is created when installing versions 2.7.34, 2.7.35, and 3.0.2 of the app.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Atlassian	Confluence Data Center Confluence Server Questions For Confluence

Configuration 1 [-]

AND

OR	cpe:2.3:a:atlassian:questions_for_confluence:2.7.34:::::::*
	cpe:2.3:a:atlassian:questions_for_confluence:2.7.35:::::::*
	cpe:2.3:a:atlassian:questions_for_confluence:3.0.2:::::::*

OR	cpe:2.3:a:atlassian:confluence_data_center:-:::::::*
	cpe:2.3:a:atlassian:confluence_server:-:::::::*

No data.

References

Link	Providers
https://confluence.atlassian.com/doc/confluence-security-advisory-2022-07-20-1142446709.html
https://jira.atlassian.com/browse/CONFSERVER-79483

History

No history.

MITRE

Status: PUBLISHED

Assigner: atlassian

Published: 2022-07-20T17:25:26.913198Z

Updated: 2024-09-17T00:26:51.177Z

Reserved: 2022-02-25T00:00:00

Link: CVE-2022-26138

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2022-07-20T18:15:08.617

Modified: 2022-08-04T14:13:04.353

Link: CVE-2022-26138

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Questions For Confluence", "vendor": "Atlassian", "versions": [{"status": "affected", "version": "2.7.34"}, {"status": "affected", "version": "2.7.35"}, {"status": "affected", "version": "3.0.2"}]}], "datePublic": "2022-07-20T00:00:00", "descriptions": [{"lang": "en", "value": "The Atlassian Questions For Confluence app for Confluence Server and Data Center creates a Confluence user account in the confluence-users group with the username disabledsystemuser and a hardcoded password. A remote, unauthenticated attacker with knowledge of the hardcoded password could exploit this to log into Confluence and access all content accessible to users in the confluence-users group. This user account is created when installing versions 2.7.34, 2.7.35, and 3.0.2 of the app."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-798", "description": "Use of Hard-coded Credentials (CWE-798)", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-07-20T17:25:26", "orgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66", "shortName": "atlassian"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://jira.atlassian.com/browse/CONFSERVER-79483"}, {"tags": ["x_refsource_MISC"], "url": "https://confluence.atlassian.com/doc/confluence-security-advisory-2022-07-20-1142446709.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@atlassian.com", "DATE_PUBLIC": "2022-07-20T00:00:00", "ID": "CVE-2022-26138", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Questions For Confluence", "version": {"version_data": [{"version_affected": "=", "version_value": "2.7.34"}, {"version_affected": "=", "version_value": "2.7.35"}, {"version_affected": "=", "version_value": "3.0.2"}]}}]}, "vendor_name": "Atlassian"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Atlassian Questions For Confluence app for Confluence Server and Data Center creates a Confluence user account in the confluence-users group with the username disabledsystemuser and a hardcoded password. A remote, unauthenticated attacker with knowledge of the hardcoded password could exploit this to log into Confluence and access all content accessible to users in the confluence-users group. This user account is created when installing versions 2.7.34, 2.7.35, and 3.0.2 of the app."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Use of Hard-coded Credentials (CWE-798)"}]}]}, "references": {"reference_data": [{"name": "https://jira.atlassian.com/browse/CONFSERVER-79483", "refsource": "MISC", "url": "https://jira.atlassian.com/browse/CONFSERVER-79483"}, {"name": "https://confluence.atlassian.com/doc/confluence-security-advisory-2022-07-20-1142446709.html", "refsource": "MISC", "url": "https://confluence.atlassian.com/doc/confluence-security-advisory-2022-07-20-1142446709.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T04:56:37.662Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://jira.atlassian.com/browse/CONFSERVER-79483"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://confluence.atlassian.com/doc/confluence-security-advisory-2022-07-20-1142446709.html"}]}]}, "cveMetadata": {"assignerOrgId": "f08a6ab8-ed46-4c22-8884-d911ccfe3c66", "assignerShortName": "atlassian", "cveId": "CVE-2022-26138", "datePublished": "2022-07-20T17:25:26.913198Z", "dateReserved": "2022-02-25T00:00:00", "dateUpdated": "2024-09-17T00:26:51.177Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"cisaActionDue": "2022-08-19", "cisaExploitAdd": "2022-07-29", "cisaRequiredAction": "Apply updates per vendor instructions.", "cisaVulnerabilityName": "Atlassian Questions For Confluence App Hard-coded Credentials Vulnerability", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:atlassian:questions_for_confluence:2.7.34:*:*:*:*:*:*:*", "matchCriteriaId": "A0CE5D29-4DCB-48E5-9F1E-E603E5F6C27E", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:questions_for_confluence:2.7.35:*:*:*:*:*:*:*", "matchCriteriaId": "60DEB66E-75A9-4C34-9E06-037BE1B263EF", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:questions_for_confluence:3.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "8AD33916-41E6-45BB-A6CC-9ECD4F11A529", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:atlassian:confluence_data_center:-:*:*:*:*:*:*:*", "matchCriteriaId": "E5AB7C4D-ED56-4AB5-BD03-CA807D11C46E", "vulnerable": false}, {"criteria": "cpe:2.3:a:atlassian:confluence_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "A9157ABD-3C98-4742-AE63-EAD7504CDB22", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Atlassian Questions For Confluence app for Confluence Server and Data Center creates a Confluence user account in the confluence-users group with the username disabledsystemuser and a hardcoded password. A remote, unauthenticated attacker with knowledge of the hardcoded password could exploit this to log into Confluence and access all content accessible to users in the confluence-users group. This user account is created when installing versions 2.7.34, 2.7.35, and 3.0.2 of the app."}, {"lang": "es", "value": "La aplicaci\u00f3n Atlassian Questions For Confluence para Confluence Server y Data Center crea una cuenta de usuario de Confluence en el grupo confluence-users con el nombre de usuario disabledsystemuser y una contrase\u00f1a embebida. Un atacante remoto no autenticado que conozca la contrase\u00f1a embebida podr\u00eda explotar esta situaci\u00f3n para iniciar sesi\u00f3n en Confluence y acceder a todo el contenido accesible para usuarios del grupo confluence-users. Esta cuenta de usuario es creada cuando son instaladas las versiones 2.7.34, 2.7.35 y 3.0.2 de la aplicaci\u00f3n"}], "id": "CVE-2022-26138", "lastModified": "2022-08-04T14:13:04.353", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-07-20T18:15:08.617", "references": [{"source": "security@atlassian.com", "tags": ["Vendor Advisory"], "url": "https://confluence.atlassian.com/doc/confluence-security-advisory-2022-07-20-1142446709.html"}, {"source": "security@atlassian.com", "tags": ["Issue Tracking", "Patch", "Vendor Advisory"], "url": "https://jira.atlassian.com/browse/CONFSERVER-79483"}], "sourceIdentifier": "security@atlassian.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-798"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-798"}], "source": "security@atlassian.com", "type": "Secondary"}]}