📌 Multiple Products Security Advisory - CVE-2022-26136, CVE-2022-26137

July 21, 2022

This week Atlassian released an advisory detailing new CVEs affecting multiple Atlassian products, including Jira and Confluence.

Learn more: https://confluence.atlassian.com/security/multiple-products-security-advisory-cve-2022-26136-cve-2022-26137-1141493031.html

🌤 Atlassian Cloud products are not affected, per the advisory.

Another day, another CVE, am I right? Stay diligent, and happy patching. 🔒

5 comments

There was another CVE released that won't affect as many people, but if affected, you should pay attention.

CVE-2022-26138 affects those that have Questions for Confluence installed. Older versions created an account with a hardcoded password. Uninstalling the app won't delete the account.

Details are here: https://confluence.atlassian.com/doc/questions-for-confluence-security-advisory-2022-07-20-1142446709.html

Like • like this

@Robert Wen_Cprime_ good highlight, thanks for mentioning that! 💪

Like • like this

Thank you, @Dave Liao and @Robert Wen_Cprime_ for sharing the infirmation about these security vulnerabilities.

Like • like this

@Taranjeet Singh - anytime, we've got to protect our users!

Like • Robert Wen_Cprime_ likes this

You're welcome, @Taranjeet Singh ! Happy to help!

Comment

Was this helpful?

Thanks!

Enterprise

Forums

Q&A

Community resources

Support

Top groups

Community resources

Support

Learn

Community resources

Support

Events

Community resources

Support

📌 Multiple Products Security Advisory - CVE-2022-26136, CVE-2022-26137

5 comments

Comment

Was this helpful?

Thanks!

About this author

TAGS

Atlassian Community Events