Atlassian: Confluence hardcoded password was leaked, patch now! (Security News, July 2022)
Australian software firm Atlassian warned customers to immediately patch a critical vulnerability that gives remote attackers hardcoded credentials for logging into unpatched Confluence Server and Confluence Data Center instances.
As the company revealed this week, the Questions for Confluence app creates a disabledsystemuser account with a hardcoded password to help admins migrate data from the app to the Confluence Cloud.
One day after releasing security updates to address the vulnerability, Atlassian warned admins to patch their servers as soon as possible, given that the hardcoded password had been found and shared online.
To defend against potential attacks, Atlassian recommends updating to a patched version of Questions for Confluence or disabling or deleting the disabledsystemuser account.
Updating the Questions for Confluence app to a fixed version will remove the problematic user account if present.
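The two checks an administrator would want after reading the advisory are whether the disabledsystemuser account still exists (and is still active) on a given instance, and whether anything has already authenticated as it. The script below is an added example and is not Atlassian's code or tooling: the user records and access-log lines are constructed samples whose field names and line format are assumptions, not Confluence's real directory schema or log format, and in practice the user list would come from the server's own user management or a directory export.

```python
"""Audit a Confluence instance for the hardcoded 'disabledsystemuser' account.

Added example, not Atlassian's code. The user records and log lines below are
constructed; their field names and format are assumptions for illustration.
"""
import re

# Account name taken from Atlassian's advisory on Questions for Confluence.
HARDCODED_ACCOUNT = "disabledsystemuser"

# Constructed sample user directory (field names 'username'/'active' assumed).
SAMPLE_USERS = [
    {"username": "alice", "active": True},
    {"username": "disabledsystemuser", "active": True},
    {"username": "svc-backup", "active": False},
]

# Constructed sample access-log lines; the format is assumed, not Confluence's own.
SAMPLE_LOG = """\
2022-07-21T10:01:02Z 203.0.113.7 user=alice status=200 path=/login.action
2022-07-21T10:03:15Z 198.51.100.9 user=disabledsystemuser status=200 path=/login.action
2022-07-21T10:04:40Z 198.51.100.9 user=disabledsystemuser status=200 path=/rest/api/content
2022-07-21T10:05:01Z 203.0.113.7 user=bob status=401 path=/login.action
"""

LOG_RE = re.compile(
    r"^(?P<ts>\S+) (?P<ip>\S+) user=(?P<user>\S+) status=(?P<status>\d+) path=(?P<path>\S+)$"
)


def find_hardcoded_account(users):
    """Return (present, active) for the hardcoded account in a user listing."""
    for user in users:
        if user.get("username", "").lower() == HARDCODED_ACCOUNT:
            return True, bool(user.get("active", False))
    return False, False


def detect_hardcoded_account_use(log_text):
    """Return {source_ip: count} of successful (HTTP 200) requests made as the hardcoded account."""
    hits = {}
    for line in log_text.splitlines():
        match = LOG_RE.match(line)
        if not match:
            continue  # skip lines that do not fit the assumed format
        if match["user"].lower() == HARDCODED_ACCOUNT and match["status"] == "200":
            hits[match["ip"]] = hits.get(match["ip"], 0) + 1
    return hits


def audit_report(users, log_text):
    """Combine both checks into a list of human-readable findings."""
    present, active = find_hardcoded_account(users)
    findings = []
    if present and active:
        findings.append(f"{HARDCODED_ACCOUNT} exists and is active: disable or delete it, or update the app")
    elif present:
        findings.append(f"{HARDCODED_ACCOUNT} exists but is disabled: delete it or update the app")
    for ip, count in sorted(detect_hardcoded_account_use(log_text).items()):
        findings.append(f"{count} successful request(s) as {HARDCODED_ACCOUNT} from {ip}: investigate")
    return findings


if __name__ == "__main__":
    for finding in audit_report(SAMPLE_USERS, SAMPLE_LOG):
        print(finding)
```

Any successful request attributed to the account after the password was shared online is worth treating as a potential compromise rather than noise, since the account has no legitimate interactive use once the migration helper is not in play.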
Confluence servers are attractive targets for threat actors, as shown by previous attacks with Linux botnet malware, AvosLocker and Cerber2021 ransomware, and crypto miners.