CVSSv3: 9.8

CVE-2022-26138

Published: 20/07/2022 Updated: 04/08/2022
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 0

Vulnerability Summary

The Atlassian Questions For Confluence app for Confluence Server and Data Center creates a Confluence user account in the confluence-users group with the username disabledsystemuser and a hardcoded password. A remote, unauthenticated attacker with knowledge of the hardcoded password could exploit this to log into Confluence and access all content accessible to users in the confluence-users group. This user account is created when installing versions 2.7.34, 2.7.35, and 3.0.2 of the app.

Vulnerable Products

atlassian questions_for_confluence 3.0.2

atlassian questions_for_confluence 2.7.35

atlassian questions_for_confluence 2.7.34

Github Repositories

Confluence Hardcoded Password POC

CVE-2022-26138 1. Introduction: Confluence Hardcoded Password POC 2. Usage: poc -f hosttxt // batch scan; poc -h 19216811 // single scan 3. Disclaimer: This tool is intended only for learning, research and self-assessment. It must not be used for illegal purposes; please comply with the applicable laws and regulations. Any risk arising from the use of this tool is not the author's responsibility!

Atlassian Confluence Server and Data Center: CVE-2022-26138

Confluence-Question-CVE-2022-26138 Atlassian Confluence Server and Data Center: CVE-2022-26138 When the 'Questions for Confluence' app is installed and enabled on Confluence Server or Data Center, it creates a Confluence user account with the username 'disabledsystemuser' and password 'disabled1system1user6708', which is a hardcoded password and is

Atlassian Questions Hardcoded Password (CVE-2022-26138)

CVE-2022-26138 POC Description The Atlassian Questions For Confluence app for Confluence Server and Data Center creates a Confluence user account in the confluence-users group with the username disabledsystemuser and a hardcoded password. A remote, unauthenticated attacker with knowledge of the hardcoded password could exploit this to log into Confluence and access all cont

Recent Articles

Atlassian reveals critical flaws in almost everything it makes and touches
The Register • Simon Sharwood, APAC Editor • 01 Jan 1970

Fixes issued, warns it 'has not exhaustively enumerated all potential consequences'

Atlassian has warned users of its Bamboo, Bitbucket, Confluence, Fisheye, Crucible, and Jira products that a pair of critical-rated flaws threaten their security. The company's July security advisories detail "Servlet Filter dispatcher vulnerabilities." One of the flaws – CVE-2022-26136 – is described as an arbitrary Servlet Filter bypass that means an attacker could send a specially crafted HTTP request to bypass custom Servlet Filters used by third-party apps to enforce authentication. The...