FortiDAST
FortiDAST performs automated black-box dynamic application security testing of web applications to identify vulnerabilities that bad actors may exploit.
rdiwakar
Staff
Article Id 356822
Description

This outbreak alert on 'Atlassian Confluence Server and Data Center' and 'Dahua Security' covers the following vulnerabilities: CVE-2021-26084, CVE-2021-33044, CVE-2021-33045, CVE-2022-26134 and CVE-2022-26138.


CVE-2021-26084 is a vulnerability in Atlassian Confluence that allows unauthenticated attackers to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are before version 6.13.23, from version 6.14.0 before 7.4.11, from version 7.5.0 before 7.11.6, and from version 7.12.0 before 7.12.5.


CVE-2021-33044 is an identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identity authentication by constructing malicious data packets.


CVE-2021-33045 is an identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identity authentication by constructing malicious data packets.


CVE-2022-26134 is an OGNL injection vulnerability that allows an unauthenticated user to execute arbitrary code on a Confluence Server or Data Center instance. Released versions 7.4.17, 7.13.7, 7.14.3, 7.15.2, 7.16.4, 7.17.4 and 7.18.1 contain a fix for this issue.


CVE-2022-26138 is a critical vulnerability in the Atlassian "Questions for Confluence" app for Confluence Server and Data Center. The issue arises from the creation of a user account named disabledsystemuser with a hardcoded password. This account is part of the confluence-users group, allowing a remote, unauthenticated attacker with knowledge of the password to log into Confluence and access all content available to regular users. The vulnerability affects versions 2.7.34, 2.7.35, and 3.0.2 of the app.
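The two Confluence findings above are stated in terms of version ranges (CVE-2021-26084) and an explicit list of affected app versions (CVE-2022-26138). The following helper, added here as an example and not code from Fortinet or FortiDAST, maps a Confluence Server/Data Center version string and a Questions for Confluence app version string onto exactly those ranges so that an inventory can be triaged before (or alongside) a scan. It assumes the article's "from version X before Y" wording means an inclusive lower bound and an exclusive upper bound; the version strings in the usage block are constructed sample input, not real assets.

```python
"""
Added example (not part of the Fortinet article): map version strings onto
the affected ranges the article gives for CVE-2021-26084 and the affected
app versions it lists for CVE-2022-26138.
"""
from typing import List, Optional, Tuple

Version = Tuple[int, ...]


def parse_version(text: str) -> Version:
    """Turn '7.4.11' into (7, 4, 11). A non-numeric suffix ends parsing."""
    parts = []
    for piece in text.strip().split("."):
        digits = "".join(ch for ch in piece if ch.isdigit())
        if not digits:
            break
        parts.append(int(digits))
    if not parts:
        raise ValueError(f"unparseable version: {text!r}")
    return tuple(parts)


# Affected ranges for CVE-2021-26084 as stated in the article:
# (lower bound inclusive or None for "any earlier", upper bound exclusive).
CVE_2021_26084_RANGES: List[Tuple[Optional[str], str]] = [
    (None, "6.13.23"),
    ("6.14.0", "7.4.11"),
    ("7.5.0", "7.11.6"),
    ("7.12.0", "7.12.5"),
]

# Questions for Confluence app versions the article lists for CVE-2022-26138.
CVE_2022_26138_APP_VERSIONS = {"2.7.34", "2.7.35", "3.0.2"}


def affected_by_cve_2021_26084(server_version: str) -> bool:
    """True if the Confluence version falls inside one of the affected ranges."""
    v = parse_version(server_version)
    for low, high in CVE_2021_26084_RANGES:
        if low is not None and v < parse_version(low):
            continue  # below this range's inclusive lower bound
        if v < parse_version(high):
            return True  # at or above the lower bound and below the fixed version
    return False


def app_affected_by_cve_2022_26138(app_version: str) -> bool:
    """True if the Questions for Confluence app version is one of the listed ones."""
    listed = {parse_version(x) for x in CVE_2022_26138_APP_VERSIONS}
    return parse_version(app_version) in listed


def assess(server_version: str, app_version: Optional[str] = None) -> List[str]:
    """Return the CVE identifiers from the article that apply to this asset."""
    findings = []
    if affected_by_cve_2021_26084(server_version):
        findings.append("CVE-2021-26084")
    if app_version is not None and app_affected_by_cve_2022_26138(app_version):
        findings.append("CVE-2022-26138")
    return findings


if __name__ == "__main__":
    # Constructed sample inventory (hypothetical hostnames and versions).
    inventory = [
        ("wiki-a.example.internal", "7.12.4", "3.0.2"),
        ("wiki-b.example.internal", "7.13.0", None),
        ("wiki-c.example.internal", "6.13.30", "2.7.35"),
    ]
    for host, server, app in inventory:
        print(f"{host}: {assess(server, app) or 'no listed CVE applies'}")
```

The comparison is done on integer tuples rather than on strings so that "7.4.11" correctly sorts after "7.4.9"; a version such as 6.13.30 is reported as not affected because it sits between the end of the first range and the start of the second, which matches the article's wording.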


This article describes the assessment of the RCE, authentication bypass and hardcoded credential vulnerabilities in 'Atlassian Confluence Server and Data Center' and 'Dahua Security' software.

Scope

FortiDAST Scripting Engine updated in version 24.3.a

Solution

Detection of these vulnerabilities is provided by the FortiDAST Scripting Engine (FSE).


This technology enables FortiDAST to assess remotely, with a high level of confidence, whether an asset is affected by a specific vulnerability by testing a disarmed exploit against the asset itself.


To configure the scan, enable the FSE group signature 'atlassian-confluence', which selects the underlying scripts as per the scan requirement: 'CVE_2021-26084 Confluence Server OGNL RCE vulnerability', 'CVE-2022-26134 Atlassian Confluence Arbitrary Code Execution Vulnerability' and 'CVE-2022-26138 Atlassian Confluence Hardcoded Credential Vulnerability'. For the Dahua checks, enable the FSE group signature 'Dahua', which selects the underlying scripts as per the scan requirement: 'CVE-2021-33044 Dahua Authentication Bypass Vulnerability' and 'CVE-2021-33045 Dahua loopback Authentication Bypass Vulnerability'.


For reference, a step-by-step guide on how to configure FortiDAST to trigger FSE can be found on Fortinet’s blog:

https://www.fortinet.com/blog/business-and-technology/fortipentest-exploit-engine-a-new-security-ars...

Contributors