GobyVuls/CVE-2022-26138.md

## Atlassian Confluence Default Login (CVE-2022-26138)

|   **Vulnerability**  | **Atlassian Confluence Default Login (CVE-2022-26138)**  |
| :----:   | :-----|
|  **Chinese name**  | Atlassian Confluence 硬编码用户登陆漏洞 (CVE-2022-26138) |
| **CVSS core**  | 7.0 |
| **FOFA Query**  (click to view the results directly)| [(header="X-Confluence-" && header!="TP-LINK Router UPnP") \|\| (banner="X-Confluence-" && banner!="TP-LINK Router UPnP") \|\| (body="name=\"confluence-base-url\"" && body="id=\"com-atlassian-confluence") \|\| title="Atlassian Confluence" \|\| (title=="Errors" && body="Confluence")](https://fofa.info/result?qbase64=CihoZWFkZXI9IlgtQ29uZmx1ZW5jZS0iICYmIGhlYWRlciE9IlRQLUxJTksgUm91dGVyIFVQblAiKSB8fCAoYmFubmVyPSJYLUNvbmZsdWVuY2UtIiAmJiBiYW5uZXIhPSJUUC1MSU5LIFJvdXRlciBVUG5QIikgfHwgKGJvZHk9Im5hbWU9XCJjb25mbHVlbmNlLWJhc2UtdXJsXCIiICYmIGJvZHk9ImlkPVwiY29tLWF0bGFzc2lhbi1jb25mbHVlbmNlIikgfHwgdGl0bGU9IkF0bGFzc2lhbiBDb25mbHVlbmNlIiB8fCAodGl0bGU9PSJFcnJvcnMiICYmIGJvZHk9IkNvbmZsdWVuY2UiKQ%3D%3D) |
| **Number of assets affected**  | 90658 |
| **Description**  | Atlassian Confluence Server is a server version of Atlassian's collaboration software with enterprise knowledge management functions and support for building enterprise WiKi. A security vulnerability exists in Atlassian Confluence Server, which stems from the use of hard-coded passwords that allow attackers to log in to view sensitive information such as team space members. |
| **Impact** | A security vulnerability exists in Atlassian Confluence Server, which stems from the use of hard-coded passwords that allow attackers to log in to view sensitive information such as team space members. |

![](https://s3.bmp.ovh/imgs/2023/04/01/67b39bfe7311567f.gif)
Create CVE-2022-26138.md add CVE-2022-26138 2023-04-01 12:37:31 +08:00			`## Atlassian Confluence Default Login (CVE-2022-26138)`

			`\| Vulnerability \| Atlassian Confluence Default Login (CVE-2022-26138) \|`
			`\| :----: \| :-----\|`
			`\| Chinese name \| Atlassian Confluence 硬编码用户登陆漏洞 (CVE-2022-26138) \|`
			`\| CVSS core \| 7.0 \|`
			\| FOFA Query (click to view the results directly)\| [(header="X-Confluence-" && header!="TP-LINK Router UPnP") \\|\\| (banner="X-Confluence-" && banner!="TP-LINK Router UPnP") \\|\\| (body="name=\"confluence-base-url\"" && body="id=\"com-atlassian-confluence") \\|\\| title="Atlassian Confluence" \\|\\| (title=="Errors" && body="Confluence")](https://fofa.info/result?qbase64=CihoZWFkZXI9IlgtQ29uZmx1ZW5jZS0iICYmIGhlYWRlciE9IlRQLUxJTksgUm91dGVyIFVQblAiKSB8fCAoYmFubmVyPSJYLUNvbmZsdWVuY2UtIiAmJiBiYW5uZXIhPSJUUC1MSU5LIFJvdXRlciBVUG5QIikgfHwgKGJvZHk9Im5hbWU9XCJjb25mbHVlbmNlLWJhc2UtdXJsXCIiICYmIGJvZHk9ImlkPVwiY29tLWF0bGFzc2lhbi1jb25mbHVlbmNlIikgfHwgdGl0bGU9IkF0bGFzc2lhbiBDb25mbHVlbmNlIiB8fCAodGl0bGU9PSJFcnJvcnMiICYmIGJvZHk9IkNvbmZsdWVuY2UiKQ%3D%3D) \|
			`\| Number of assets affected \| 90658 \|`
			`\| Description \| Atlassian Confluence Server is a server version of Atlassian's collaboration software with enterprise knowledge management functions and support for building enterprise WiKi. A security vulnerability exists in Atlassian Confluence Server, which stems from the use of hard-coded passwords that allow attackers to log in to view sensitive information such as team space members. \|`
			`\| Impact \| A security vulnerability exists in Atlassian Confluence Server, which stems from the use of hard-coded passwords that allow attackers to log in to view sensitive information such as team space members. \|`

			`![](https://s3.bmp.ovh/imgs/2023/04/01/67b39bfe7311567f.gif)`