Security Advisory

CVE-2022-26133

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-04-20 18:30:19
Last updated 2024-10-03 14:55:36
Assigner atlassian
State PUBLISHED

Description

SharedSecretClusterAuthenticator in Atlassian Bitbucket Data Center versions 5.14.0 and later before 7.6.14, 7.7.0 and later prior to 7.17.6, 7.18.0 and later prior to 7.18.4, 7.19.0 and later prior to 7.19.4, and 7.20.0 allow a remote, unauthenticated attacker to execute arbitrary code via Java deserialization.