
CISA issues alert for critical Confluence vulnerability that hands attackers hardcoded credentials

On Friday, the Cybersecurity and Infrastructure Security Agency (CISA) added a critical Confluence vulnerability, tracked as CVE-2022-26138, to its catalog of bugs known to be exploited in the wild. The flaw gives attackers a set of hardcoded credentials once it is successfully exploited.

Last week, Australian software firm Atlassian disclosed that unpatched versions of the Questions for Confluence app create an account with hardcoded credentials.

One day after patching the vulnerability, the company warned admins to fix their servers immediately, because the hardcoded password had been discovered and circulated online.

Today, CISA added CVE-2022-26138 to its Known Exploited Vulnerabilities (KEV) catalog based on evidence of active exploitation. Cybersecurity firm Rapid7 had also published a report on Wednesday warning that the security flaw is now actively exploited in the wild, but it did not share any data on the attacks or indicators of compromise collected while investigating them.

Under a binding operational directive issued in November, all Federal Civilian Executive Branch (FCEB) agencies are required to secure their systems against vulnerabilities added to CISA's KEV catalog.

The cybersecurity agency has given federal agencies three weeks (until August 19) to patch their servers and block attacks targeting their networks.
