Atlassian Confluence - Authentication Bypass (CVE-2022-26138)

Name: Atlassian Confluence - Authentication Bypass (CVE-2022-26138)
Published: 2022-08-03T00:00:00.000Z

Severity
CVE: CVE-2022-26138
CVSSv3 Score: 9.8
Exploitable with Sniper: No
Vulnerability description: Atlassian Confluence server is affected by an Authentication Bypass vulnerability, located in the Questions for Confluence application that is installed on the target server. The root cause of this vulnerability is the adding of an user, disabledsystemuser, by the installer process of Questions for Confluence which comes with the following hard-coded password: disabled1system1user6708. An attacker can exploit this vulnerability to log into Confluence in order to access confidential data and resources based on the permissions granted to disabledsystemuser.
Risk description: The risk exists that a remote unauthenticated attacker could exploit this vulnerability and steal sensitive information.
Recommendation: Applying the latest Atlassian patch for the Questions for Confluence application, will fix this vulnerability.
References: https://confluence.atlassian.com/doc/confluence-security-advisory-2022-07-20-1142446709.html
Detectable with: Network Scanner
Vuln date: Jul 2022
Published at: Aug 2022
Updated at: Aug 2022
Software Type: Collaboration software
Vendor: Atlassian
Product: Questions for Confluence
Codename: Not available