Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Recent Security Advisories (CVE-2022-26138, CVE-2022-26136, CVE-2022-26137)

Javier Olivera
Javier Olivera
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
July 20, 2022

What action should cloud customers (Confluence) need to take to keep corporate information secure? Is there any corrective action that customers need to take?

Answer
Watch
Like Be the first to like this
2153 views

4 answers

2 accepted

1 vote
Answer accepted
Kian Stack Mumo Systems
Kian Stack Mumo Systems
Community Champion
July 20, 2022

@Javier Olivera, According to the security advisory, there are no actions which need to be taken for Atlassian Cloud.

Reply
1 vote
Answer accepted
Robert Wen_Cprime_
Robert Wen_Cprime_
Community Champion
July 20, 2022

Hello @Javier Olivera ! Welcome to the Atlassian community!

Cloud products are not affected by the vulnerabilities identified.  You don't have to do anything.

Reply
0 votes
Samuel Leung
Samuel Leung July 31, 2022

For CVE-2022-26138. In regards to the instruction for How To Determine If You Are Affected. Does "If this account does not show up in the list of active users" simply imply the list of users found at the following location:

  1. Settings Cog top right > User Management > List Users > Find user = dontdeletethisuser@email.com

Or does Atlassian require us to go above and beyond with some fancy way of digging into users that do not appear on the Active Users list within the webgui administration?

Reply
0 votes
Pankaj Rana
Pankaj Rana July 21, 2022

Do we have any workarounds for CVE-2022-26136, CVE-2022-26137?

View More Comments
Like Andy Gladstone likes this
Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
PREMIUM
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.