<\/p>\n <\/p>\n
<\/noscript>\n <\/div>\n
The Register<\/i> fans these new ones will also attract the attention of malicious actors. CVE-2022-26136 probably represents a substantial opportunity to probe long-forgotten integrations for their potential to offer a path into Atlassian products, and from there to do all sorts of damage with a nasty piece of JavaScript.<\/p>\n
With or without such attacks, Atlassian has had a tough year. Three critical flaws that have been present in products for years \u2013 and an embarrassing cloud outage \u2013 are not the sort of thing that enterprise customers appreciate. \u00ae<\/p>\n<\/p><\/div>\n","protected":false},"excerpt":{"rendered":"
Atlassian has warned users of its Bamboo, Bitbucket, Confluence, Fisheye, Crucible, and Jira products that a pair of critical-rated flaws threaten their security. The company’s July security advisories detail “Servlet Filter dispatcher vulnerabilities.” One of the flaws \u2013 CVE-2022-26136 \u2013 is described as an arbitrary Servlet Filter bypass that means an attacker could send a …<\/p>\n
Atlassian reveals critical flaws across its product line \u2022 The Register<\/span> Read More »<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"default","ast-global-header-display":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","spay_email":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false,"jetpack_publicize_feature_enabled":true},"categories":[4],"tags":[],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack-related-posts":[{"id":21463,"url":"https:\/\/harchi90.com\/atlassian-rolls-out-security-patch-for-critical-confluence-vulnerability\/","url_meta":{"origin":21160,"position":0},"title":"Atlassian Rolls Out Security Patch for Critical Confluence Vulnerability","date":"July 21, 2022","format":false,"excerpt":"Atlassian has rolled out fixes to remediate a critical security vulnerability pertaining to the use of hard-coded credentials affecting the Questions For Confluence app for Confluence Server and Confluence Data Center. The flaw, tracked as CVE-2022-26138arises when the app in question is enabled on either of two services, causing it\u2026","rel":"","context":"In "Technology"","img":{"alt_text":"","src":"https:\/\/i0.wp.com\/thehackernews.com\/new-images\/img\/b\/R29vZ2xl\/AVvXsEgvfqow2z1XORevUpzKGWWXZ2DP4dMaNi-7cycpa3J_bSZKv0tO6MP40HLl7lvVJDIswOmb6I-YoNMLJym4v9oLZQczujsMqcttB3M_Cvm6E-zLs0XrpwaTZ_SGFjckDfi3CPfijZaii8Z88_btcKeHKKfxm7cDyF3kaVvsirGpb2JWVH0Ot3xGiC2sZg\/s1600\/strike-728.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":22577,"url":"https:\/\/harchi90.com\/hardcoded-password-in-confluence-app-has-been-leaked-on-twitter\/","url_meta":{"origin":21160,"position":1},"title":"Hardcoded password in Confluence app has been leaked on Twitter","date":"July 22, 2022","format":false,"excerpt":"Getty Images What's worse than a widely used Internet-connected enterprise app with a hardcoded password? Try said enterprise app after the hardcoded password has been leaked to the world. Atlassian on Wednesday revealed three critical product vulnerabilities, including CVE-2022-26138 stemming from a hardcoded password in Questions for Confluence, an app\u2026","rel":"","context":"In "Technology"","img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":12955,"url":"https:\/\/harchi90.com\/microsoft-releases-fix-for-zero-day-flaw-in-july-2022-security-patch-rollout\/","url_meta":{"origin":21160,"position":2},"title":"Microsoft Releases Fix for Zero-Day Flaw in July 2022 Security Patch Rollout","date":"July 13, 2022","format":false,"excerpt":"Microsoft released its monthly round of Patch Tuesday updates to address 84 new security flaws spanning multiple product categories, counting a zero-day vulnerability that's under active attack in the wild. Of the 84 shortcomings, four are rated Critical, and 80 are rated Important in severity. Also separately resolved by the\u2026","rel":"","context":"In "Technology"","img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":15110,"url":"https:\/\/harchi90.com\/microsoft-details-app-sandbox-escape-bug-impacting-apple-ios-ipados-macos-devices\/","url_meta":{"origin":21160,"position":3},"title":"Microsoft Details App Sandbox Escape Bug Impacting Apple iOS, iPadOS, macOS Devices","date":"July 15, 2022","format":false,"excerpt":"Microsoft on Wednesday shed light on a now patched security vulnerability affecting Apple's operating systems that, if successfully exploited, could allow attackers to escalate device privileges and deploy malware. \"An attacker could take advantage of this sandbox escape vulnerability to gain elevated privileges on the affected device or execute malicious\u2026","rel":"","context":"In "Technology"","img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"fifu_image_url":"https:\/\/regmedia.co.uk\/2017\/09\/12\/atlassian_logo.jpg","_links":{"self":[{"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/posts\/21160"}],"collection":[{"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/comments?post=21160"}],"version-history":[{"count":0,"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/posts\/21160\/revisions"}],"wp:attachment":[{"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/media?parent=21160"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/categories?post=21160"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/tags?post=21160"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}