© 2022 CyberNews - Latest tech news,
product reviews, and analyses.

If you purchase via links on our site, we may receive affiliate commissions.

Attackers exploit Atlassian’s hard-coded password bug

Researchers claim that hard-coded password vulnerability in the Atlassian Questions For Confluence app has been under active exploitation.

Problems mount for Atlassian as threat actors find exploits for the latest bugs in the company’s Confluence platform. Last week the company announced a critical vulnerability, CVE-2022-26138, in its Questions for Confluence app that allows users to receive support on Atlassian products.

“A remote, unauthenticated attacker with knowledge of the hardcoded password could exploit this to log into Confluence and access any pages the confluence-users group has access to,” the company said.

Since the hard-coded password leaked on Twitter, Atlassian deemed the issue severe, adding that the vulnerability will likely be exploited in the wild. That’s precisely what researchers at cybersecurity firm Rapid7 discovered.

“[...] it didn’t take long [...] to observe exploitation once the hardcoded credentials were released, given the high value of Confluence for attackers who often jump on Confluence vulnerabilities to execute ransomware attacks,“ Glenn Thorpe, a security researcher at Rapid7 said.

Researchers claim that the hard-coded password vulnerability impacts Confluence Server and Confluence Data Center software. However, researchers claim that the exploit only works when the Questions for Confluence app is enabled.

Atlassian is an Australian software giant providing products for developers and managers. Last month researchers revealed that threat actors were exploiting another critical vulnerability (CVE-2022-26134) in Confluence Server and Data Center, allowing malicious actors to gain full remote access on unpatched servers.

More from Cybernews:

North Korean ransom gang undercuts competitors by charging low fees

US probing federal court records system breach

Neom or "a civilizational revolution": here is what Saudi Arabia's city of the future will look like

Google mimicked in email phishing scam

Apple network traffic went through Russia for 12 hour

Subscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are marked