{"id":21160,"date":"2022-07-21T10:36:45","date_gmt":"2022-07-21T10:36:45","guid":{"rendered":"https:\/\/harchi90.com\/atlassian-reveals-critical-flaws-across-its-product-line-the-register\/"},"modified":"2022-07-21T10:36:45","modified_gmt":"2022-07-21T10:36:45","slug":"atlassian-reveals-critical-flaws-across-its-product-line-the-register","status":"publish","type":"post","link":"https:\/\/harchi90.com\/atlassian-reveals-critical-flaws-across-its-product-line-the-register\/","title":{"rendered":"Atlassian reveals critical flaws across its product line \u2022 The Register"},"content":{"rendered":"<div id=\"body\">\n<p>Atlassian has warned users of its Bamboo, Bitbucket, Confluence, Fisheye, Crucible, and Jira products that a pair of critical-rated flaws threaten their security.<\/p>\n<p>The company&#8217;s July security advisories detail &#8220;Servlet Filter dispatcher vulnerabilities.&#8221;<\/p>\n<p>One of the flaws \u2013 CVE-2022-26136 \u2013 is described as an arbitrary Servlet Filter bypass that means an attacker could send a specially crafted HTTP request to bypass custom Servlet Filters used by third-party apps to enforce authentication.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"condor\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\">\n        <noscript><\/p>\n<p>                <\/p>\n<p>        <\/noscript>\n    <\/div>\n<p>The scary part is that the flaw allows a remote, unauthenticated attacker to bypass authentication used by third-party apps.  The really scary part is that Atlassian doesn&#8217;t have a definitive list of apps that could be impacted.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xmd=\",fluid,mpu,leaderboard,\" data-lg=\",fluid,mpu,leaderboard,\" data-xlg=\",fluid,billboard,superleaderboard,mpu,leaderboard,\" data-xxlg=\",fluid,billboard,superleaderboard,brandwidth,brandimpact,leaderboard,mpu,\">\n            <noscript><\/p>\n<p>                    <img src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44YtksPIECk0wlpGDOTPJeYgAAAAs&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt=\"\"\/><\/p>\n<p>            <\/noscript>\n        <\/div>\n<div class=\"adun_eagle_desktop_story_wrapper\">\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"mid\" data-raptor=\"eagle\" data-xxlg=\",mpu,dmpu,\">\n                <noscript><\/p>\n<p>                        <img src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33YtksPIECk0wlpGDOTPJeYgAAAAs&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt=\"\"\/><\/p>\n<p>                <\/noscript>\n            <\/div>\n<\/p><\/div>\n<p>&#8220;Atlassian has released updates that fix the root cause of this vulnerability, but has not exhaustively enumerated all potential consequences of this vulnerability,&#8221; it added.<\/p>\n<p>The same CVE can also be exploited in a cross-site scripting attack: a specially crafted HTTP request can bypass the Servlet Filter used to validate legitimate Atlassian Gadgets.  &#8220;An attacker that can trick a user into requesting a malicious URL can execute arbitrary JavaScript in the user&#8217;s browser,&#8221; Atlassian explains.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\">\n            <noscript><\/p>\n<p>                    <img src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44YtksPIECk0wlpGDOTPJeYgAAAAs&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt=\"\"\/><\/p>\n<p>            <\/noscript>\n        <\/div>\n<p>The second flaw \u2013 CVE-2022-26137 \u2013 is a cross-origin resource sharing (CORS) bypass.<\/p>\n<p>Atlassian explains it as follows: &#8220;Sending a specially crafted HTTP request can invoke the Servlet Filter used to respond to CORS requests, resulting in a CORS bypass. An attacker that can trick a user into requesting a malicious URL can access the vulnerable application with the victim&#8217;s permissions.&#8221;<\/p>\n<p>Confluence users have another flaw to worry about: CVE-2022-26138 reveals that one of its Confluence apps has a hard-coded password in place to help migrations to the cloud.  It explained:<\/p>\n<p>If that password falls into the wrong hands, a Confluence implementation is an open book.<\/p>\n<p>The flaws are present in years-old versions of Atlassian products.  Fixes have been issued and require upgrades.  Cloudy versions of the products hosted by Atlassian have already been fixed.<\/p>\n<p>News of the vulnerabilities comes just six weeks after Atlassian&#8217;s admission of another critical flaw in Confluence that was under active attack.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" id=\"story_eagle_xsm_sm_md_xmd_lg_xlg\" data-pos=\"mid\" data-raptor=\"eagle\" data-xsm=\",mpu,dmpu,\" data-sm=\",mpu,dmpu,\" data-md=\",mpu,dmpu,\" data-xmd=\",mpu,dmpu,\" data-lg=\",mpu,dmpu,\" data-xlg=\",mpu,dmpu,\">\n            <noscript><\/p>\n<p>                    <img src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33YtksPIECk0wlpGDOTPJeYgAAAAs&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt=\"\"\/><\/p>\n<p>            <\/noscript>\n        <\/div>\n<p><i>The Register<\/i> fans these new ones will also attract the attention of malicious actors.  CVE-2022-26136 probably represents a substantial opportunity to probe long-forgotten integrations for their potential to offer a path into Atlassian products, and from there to do all sorts of damage with a nasty piece of JavaScript.<\/p>\n<p>With or without such attacks, Atlassian has had a tough year.  Three critical flaws that have been present in products for years \u2013 and an embarrassing cloud outage \u2013 are not the sort of thing that enterprise customers appreciate.  \u00ae<\/p>\n<\/p><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Atlassian has warned users of its Bamboo, Bitbucket, Confluence, Fisheye, Crucible, and Jira products that a pair of critical-rated flaws threaten their security. The company&#8217;s July security advisories detail &#8220;Servlet Filter dispatcher vulnerabilities.&#8221; One of the flaws \u2013 CVE-2022-26136 \u2013 is described as an arbitrary Servlet Filter bypass that means an attacker could send a &hellip;<\/p>\n<p class=\"read-more\"> <a class=\"\" href=\"https:\/\/harchi90.com\/atlassian-reveals-critical-flaws-across-its-product-line-the-register\/\"> <span class=\"screen-reader-text\">Atlassian reveals critical flaws across its product line \u2022 The Register<\/span> Read More &raquo;<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"default","ast-global-header-display":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","spay_email":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false,"jetpack_publicize_feature_enabled":true},"categories":[4],"tags":[],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack-related-posts":[{"id":21463,"url":"https:\/\/harchi90.com\/atlassian-rolls-out-security-patch-for-critical-confluence-vulnerability\/","url_meta":{"origin":21160,"position":0},"title":"Atlassian Rolls Out Security Patch for Critical Confluence Vulnerability","date":"July 21, 2022","format":false,"excerpt":"Atlassian has rolled out fixes to remediate a critical security vulnerability pertaining to the use of hard-coded credentials affecting the Questions For Confluence app for Confluence Server and Confluence Data Center. The flaw, tracked as CVE-2022-26138arises when the app in question is enabled on either of two services, causing it\u2026","rel":"","context":"In &quot;Technology&quot;","img":{"alt_text":"","src":"https:\/\/i0.wp.com\/thehackernews.com\/new-images\/img\/b\/R29vZ2xl\/AVvXsEgvfqow2z1XORevUpzKGWWXZ2DP4dMaNi-7cycpa3J_bSZKv0tO6MP40HLl7lvVJDIswOmb6I-YoNMLJym4v9oLZQczujsMqcttB3M_Cvm6E-zLs0XrpwaTZ_SGFjckDfi3CPfijZaii8Z88_btcKeHKKfxm7cDyF3kaVvsirGpb2JWVH0Ot3xGiC2sZg\/s1600\/strike-728.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":22577,"url":"https:\/\/harchi90.com\/hardcoded-password-in-confluence-app-has-been-leaked-on-twitter\/","url_meta":{"origin":21160,"position":1},"title":"Hardcoded password in Confluence app has been leaked on Twitter","date":"July 22, 2022","format":false,"excerpt":"Getty Images What's worse than a widely used Internet-connected enterprise app with a hardcoded password? Try said enterprise app after the hardcoded password has been leaked to the world. Atlassian on Wednesday revealed three critical product vulnerabilities, including CVE-2022-26138 stemming from a hardcoded password in Questions for Confluence, an app\u2026","rel":"","context":"In &quot;Technology&quot;","img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":12955,"url":"https:\/\/harchi90.com\/microsoft-releases-fix-for-zero-day-flaw-in-july-2022-security-patch-rollout\/","url_meta":{"origin":21160,"position":2},"title":"Microsoft Releases Fix for Zero-Day Flaw in July 2022 Security Patch Rollout","date":"July 13, 2022","format":false,"excerpt":"Microsoft released its monthly round of Patch Tuesday updates to address 84 new security flaws spanning multiple product categories, counting a zero-day vulnerability that's under active attack in the wild. Of the 84 shortcomings, four are rated Critical, and 80 are rated Important in severity. Also separately resolved by the\u2026","rel":"","context":"In &quot;Technology&quot;","img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":15110,"url":"https:\/\/harchi90.com\/microsoft-details-app-sandbox-escape-bug-impacting-apple-ios-ipados-macos-devices\/","url_meta":{"origin":21160,"position":3},"title":"Microsoft Details App Sandbox Escape Bug Impacting Apple iOS, iPadOS, macOS Devices","date":"July 15, 2022","format":false,"excerpt":"Microsoft on Wednesday shed light on a now patched security vulnerability affecting Apple's operating systems that, if successfully exploited, could allow attackers to escalate device privileges and deploy malware. \"An attacker could take advantage of this sandbox escape vulnerability to gain elevated privileges on the affected device or execute malicious\u2026","rel":"","context":"In &quot;Technology&quot;","img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"fifu_image_url":"https:\/\/regmedia.co.uk\/2017\/09\/12\/atlassian_logo.jpg","_links":{"self":[{"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/posts\/21160"}],"collection":[{"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/comments?post=21160"}],"version-history":[{"count":0,"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/posts\/21160\/revisions"}],"wp:attachment":[{"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/media?parent=21160"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/categories?post=21160"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/tags?post=21160"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}