Uploaded image for project: 'Confluence Cloud'
  1. Confluence Cloud
  2. CONFCLOUD-29534

Passwords of configured SMTP mail accounts are stored in cleartext

    XMLWordPrintable

Details

    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

    Description

      NOTE: This suggestion is for Confluence Cloud. Using Confluence Server? See the corresponding suggestion.

      Passwords for configured mail accounts are stored in clear text in the database as can be seen e.g. by:

      SELECT * FROM BANDANA WHERE BANDANAKEY = 'atlassian.confluence.space.mailaccounts';

      Even when being an admin I should NOT be able to read-out other users email account password!

      This problem exists for Confluence AND Jira as well.

      Attachments

        Issue Links

          is related to

          Suggestion - CONFSERVER-29534 Passwords of configured SMTP mail accounts are stored in cleartext

          • Under Consideration

          Activity

            People

              Unassigned Unassigned
              54986ff9eb67 Rainer Pöhlmann
              Votes:
              1 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated: