CISA warns of Atlassian Confluence hard-coded credential bug exploited in attacks

Published July 30, 2022 (French translation of a The Hacker News report; original linked at the end).

On Friday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the recently disclosed Atlassian security flaw to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.

The vulnerability, tracked as CVE-2022-26138, concerns the use of hard-coded credentials when the Questions For Confluence app is enabled on Confluence Server and Data Center instances.

"An unauthenticated remote attacker can use these credentials to log into Confluence and access all content accessible to users in the confluence-users group," CISA notes in its advisory.

Depending on the page restrictions and the information an organization keeps in Confluence, successful exploitation of the flaw could lead to the disclosure of sensitive information.

Although the bug was patched by Atlassian last week in Questions for Confluence versions 2.7.38 and 3.0.5, it has since come under active exploitation, cybersecurity firm Rapid7 disclosed this week.

"Exploitation efforts at this point do not appear to be very widespread, though we expect that to change," Erick Galinkin, principal AI researcher at Rapid7, told The Hacker News.

"The good news is that the vulnerability lies in the Questions for Confluence app and not in Confluence itself, which considerably reduces the attack surface."

With the flaw now added to the catalog, Federal Civilian Executive Branch (FCEB) agencies in the United States are required to apply the patches by August 19, 2022 in order to reduce their exposure to cyberattacks.

"At this point, the vulnerability has been public for a relatively short time," Galinkin noted. "In addition to the absence of significant post-exploitation activity, we do not yet have any threat actors attributed to the attacks."

Source: https://thehackernews.com/2022/07/cisa-warns-of-atlassian-confluence-hard.html
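The practical question for an administrator is not only "is the app patched?" but "does the account the app created still exist, can it read as confluence-users, and has it been used?". Atlassian's advisory for CVE-2022-26138 names that account disabledsystemuser and warns that uninstalling the app does not remove it; it has to be disabled or deleted. The script below is an added example written for this article, not code from CISA, Atlassian, Rapid7 or The Hacker News. It assumes the account name from Atlassian's advisory, the Confluence Server REST endpoints GET /rest/api/user and GET /rest/api/user/memberof (queried with admin credentials), and a constructed Tomcat-style access log whose third field is the authenticated user; the sample log lines and the sample memberof response are constructed, not real data.

```python
"""
CVE-2022-26138 exposure check for Confluence Server / Data Center.

Added example, not code from CISA, Atlassian, Rapid7 or The Hacker News.
Assumptions: "disabledsystemuser" is the account named in Atlassian's advisory
for this CVE; the live check uses GET /rest/api/user and
GET /rest/api/user/memberof from the Confluence Server REST API; the log
format parsed below is a constructed common-log style line with the
authenticated user (%u) as the third field, which is not Confluence's
default logging configuration.
"""
import base64
import json
import re
import urllib.error
import urllib.request
from typing import Iterable, Optional

HARDCODED_ACCOUNT = "disabledsystemuser"   # from Atlassian's CVE-2022-26138 advisory
TARGET_GROUP = "confluence-users"          # the group CISA's note says the account reads as

# Constructed log format (assumption): ip - user [timestamp] "request" status bytes
_LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" (?P<status>\d{3})'
)


def account_in_group(memberof: Optional[dict], group: str = TARGET_GROUP) -> bool:
    """True if a /rest/api/user/memberof response lists the given group (assumed shape)."""
    if not memberof:
        return False
    return any(g.get("name") == group for g in memberof.get("results", []))


def logins_by_account(lines: Iterable[str], account: str = HARDCODED_ACCOUNT) -> list:
    """Return successful (2xx) requests made as `account`, in log order."""
    hits = []
    for line in lines:
        m = _LOG_RE.match(line)
        if m and m.group("user") == account and m.group("status").startswith("2"):
            hits.append({"ip": m.group("ip"), "ts": m.group("ts"), "request": m.group("req")})
    return hits


def verdict(account_exists: bool, memberof: Optional[dict], hits: list) -> str:
    """Collapse the three signals into one actionable state."""
    if not account_exists:
        return "not-present"
    if hits:
        return "present-used"       # treat as compromise: disable the account, review what confluence-users can read
    if account_in_group(memberof):
        return "present-exposed"    # disable or delete; uninstalling the app alone leaves the account behind
    return "present-unexposed"      # still disable or delete, but no read access via confluence-users


def _get_json(base_url: str, path: str, user: str, password: str) -> Optional[dict]:
    """GET a Confluence REST resource with basic auth; None on 404, raise on other errors."""
    token = base64.b64encode(f"{user}:{password}".encode()).decode()
    req = urllib.request.Request(
        base_url.rstrip("/") + path,
        headers={"Authorization": "Basic " + token, "Accept": "application/json"},
    )
    try:
        with urllib.request.urlopen(req, timeout=15) as resp:
            return json.load(resp)
    except urllib.error.HTTPError as e:
        if e.code == 404:
            return None
        raise


def live_check(base_url: str, admin_user: str, admin_password: str,
               log_lines: Iterable[str] = ()) -> str:
    """Query a real instance (admin credentials assumed) and return the verdict."""
    q = f"?username={HARDCODED_ACCOUNT}"
    user = _get_json(base_url, "/rest/api/user" + q, admin_user, admin_password)
    memberof = None
    if user is not None:
        memberof = _get_json(base_url, "/rest/api/user/memberof" + q, admin_user, admin_password)
    return verdict(user is not None, memberof, logins_by_account(log_lines))


# Constructed sample data (not a real log or a real API response).
SAMPLE_MEMBEROF = {"results": [{"type": "group", "name": "confluence-users"}], "size": 1}
SAMPLE_LOG = [
    '203.0.113.7 - - [29/Jul/2022:10:01:12 +0000] "GET /login.action HTTP/1.1" 200 4130',
    '203.0.113.7 - disabledsystemuser [29/Jul/2022:10:01:19 +0000] "POST /dologin.action HTTP/1.1" 302 0',
    '203.0.113.7 - disabledsystemuser [29/Jul/2022:10:01:20 +0000] "GET /rest/api/content?limit=100 HTTP/1.1" 200 58213',
    '198.51.100.4 - alice [29/Jul/2022:10:05:02 +0000] "GET /display/ENG/Runbook HTTP/1.1" 200 9012',
]

if __name__ == "__main__":
    hits = logins_by_account(SAMPLE_LOG)
    print(verdict(True, SAMPLE_MEMBEROF, hits), hits)
```

Run offline it evaluates the constructed sample and reports "present-used" because one 2xx request was made as the hard-coded account; against a real instance, call live_check with the base URL, an admin login and your own access-log lines. A "present-exposed" result means the account is still there and still in confluence-users even if the app has been updated or removed, which is exactly the state Atlassian's advisory says to fix by disabling or deleting the account.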