{"id":25838,"date":"2022-07-21T22:16:32","date_gmt":"2022-07-21T20:16:32","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=25838"},"modified":"2022-07-21T22:19:24","modified_gmt":"2022-07-21T20:19:24","slug":"confluence-security-advisory-2022-07-20","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2022\/07\/21\/confluence-security-advisory-2022-07-20\/","title":{"rendered":"Confluence Security Advisory 2022-07-20"},"content":{"rendered":"

\"Sicherheit[German<\/a>]Confluence released Security Advisory 2022-07-20<\/a> on July 20, and updated it today. The security advisory addresses Confluence accounts with hardcoded credentials created by Questions for Confluence. This affects the Confluence app for Confluence Server and Confluence Data Center. <\/p>\n

<\/p>\n

\"\"When the Questions for Confluence app is enabled on Confluence Server or Data Center, the app creates a Confluence user account with the username disabledsystemuser<\/em>. This account is intended for administrators migrating data from the app to Confluence Cloud. <\/p>\n

The disabledsystemuser<\/em> account is created with a hard-coded password and added to the confluence-users<\/em> group. By default, the group allows viewing and editing of all unrestricted pages in Confluence. A remote, unauthenticated attacker with knowledge of the hardcoded password could exploit this to log into Confluence and access all pages to which the confluence-users<\/em> group has access.<\/p>\n

This hardcoded password vulnerability was discovered<\/a> by an external security researcher and disclosed on Twitter. Confluence classifies the vulnerability as critical. Since the hardcoded password is now publicly known, it is likely that this issue will be exploited in the wild. This vulnerability should be fixed immediately on affected systems. Confluence Server or Data Center instances are affected if this has an active user account with the following information:<\/p>\n