Atlassian Bitbucket Server from version 5.4.0 before version 7.3.1 Server-Side Request Forgery (SSRF) Vulnerability

Summary

Affected versions of Atlassian Bitbucket Server allow remote attackers to access the content of internal network resources via a Server-Side Request Forgery (SSRF) vulnerability in Webhooks.

Credit:

The information has been provided by Vendor

The original article can be found at:https://jira.atlassian.com/browse/BSERV-12433


Details

Webhooks in Atlassian Bitbucket Server from version 5.4.0 before version 7.3.1 allow remote attackers to access the content of internal network resources via a Server-Side Request Forgery (SSRF) vulnerability.

 

Vulnerable Systems:

Atlassian Bitbucket Server from version 5.4.0 before version 7.3.1 

 

CVE Information:

CVE-2020-14170

 

Disclosure Timeline:
Published Date:7/9/2020

Categories: FeaturedNews