Skip to main content

Public advisory of scammers impersonating CSA and the SPF

Stay vigilant. Read the public advisory

Cyber Security Agency of Singapore
  1. Home
  2. Alerts & Advisories
  3. Alerts
  4. Critical Vulnerability in Atlassian's Confluence Server and Confluence Data Center
Alerts

Critical Vulnerability in Atlassian's Confluence Server and Confluence Data Center

21 July 2022

Atlassian has released a security update to address a critical vulnerability (CVE-2022-26138) in their Confluence Server and Data Center products.

Successful exploitation of this vulnerability may allow an unauthenticated attacker to log into unpatched Confluence servers and access any non-restricted content.

The following versions of Questions for Confluence app are affected:

  • Version 2.7.34

  • Version 2.7.35

  • Version 3.0.2

Administrators and users who are using affected versions of the products are advised to upgrade to the latest versions immediately.

References:

https://confluence.atlassian.com/doc/questions-for-confluence-security-advisory-2022-07-20-1142446709.html
https://www.bleepingcomputer.com/news/security/atlassian-fixes-critical-confluence-hardcoded-credentials-flaw/

Back to top