The US Cybersecurity and Infrastructure Security Agency (CISA) has advised government agencies to patch a recently disclosed Confluence vulnerability that is already being exploited in attacks.
The critical vulnerability, tracked as CVE-2022-26138, centres on the account ‘disabledsystemuser’ created by the Questions for Confluence app, which is intended to help administrators migrate data from the app to Confluence Cloud. The problem is that this account has a hardcoded password and is a member of the ‘confluence-users’ group, which by default permits viewing and editing of non-restricted pages in Confluence. A remote, unauthenticated attacker who knows the password can use the account to log into Confluence and access any page that the group has access to.
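Because the account is a legitimate, named user rather than an exploit payload, the most direct detection is to look for any activity under that username in the Confluence access log. The following is an added example (not code from the article, CISA or Atlassian); it assumes the Tomcat access log has been configured to record the authenticated username in Common Log Format, and the log lines it scans are constructed for illustration.

```python
"""Flag any request made as the hardcoded 'disabledsystemuser' account (CVE-2022-26138).

Assumption: Confluence's Tomcat AccessLogValve writes Common Log Format, i.e.
  host ident authuser [timestamp] "METHOD path HTTP/x" status bytes
so the authenticated user is the third field. Adjust LOG_RE if your pattern differs.
"""
import re
from dataclasses import dataclass
from typing import Iterable, List, Optional

HARDCODED_ACCOUNT = "disabledsystemuser"  # account named in the advisory

LOG_RE = re.compile(
    r'^(?P<host>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+)[^"]*" (?P<status>\d{3})'
)


@dataclass(frozen=True)
class Hit:
    host: str
    ts: str
    method: str
    path: str
    status: int

    @property
    def succeeded(self) -> bool:
        # 2xx/3xx means Confluence accepted the hardcoded credentials.
        return self.status < 400


def parse_line(line: str) -> Optional[dict]:
    m = LOG_RE.match(line.strip())
    return m.groupdict() if m else None


def find_hardcoded_account_hits(lines: Iterable[str], account: str = HARDCODED_ACCOUNT) -> List[Hit]:
    """Return every request whose authenticated user is the hardcoded account."""
    hits = []
    for line in lines:
        rec = parse_line(line)
        if rec and rec["user"].lower() == account.lower():
            hits.append(Hit(rec["host"], rec["ts"], rec["method"], rec["path"], int(rec["status"])))
    return hits


# Constructed sample log: two requests by the hardcoded account, one by a normal user, one anonymous.
SAMPLE_LOG = """\
203.0.113.7 - disabledsystemuser [22/Jul/2022:10:15:02 +0000] "GET /rest/api/content?limit=100 HTTP/1.1" 200 5120
198.51.100.4 - alice [22/Jul/2022:10:15:05 +0000] "GET /pages/viewpage.action?pageId=1 HTTP/1.1" 200 812
203.0.113.7 - disabledsystemuser [22/Jul/2022:10:16:40 +0000] "POST /rest/api/content HTTP/1.1" 403 0
192.0.2.9 - - [22/Jul/2022:10:17:00 +0000] "GET /login.action HTTP/1.1" 200 300
"""

if __name__ == "__main__":
    for h in find_hardcoded_account_hits(SAMPLE_LOG.splitlines()):
        print(f"{h.ts} {h.host} {h.method} {h.path} -> {h.status} ({'OK' if h.succeeded else 'denied'})")
```

Any hit at all is worth investigating, since the account has no legitimate interactive use; a successful hit means the hardcoded credentials were accepted and the content that user group can reach should be treated as exposed.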