SharedSecretClusterAuthenticator in Atlassian Bitbucket Data Center versions 5.14.0 and later before 7.6.14, 7.7.0 and later prior to 7.17.6, 7.18.0 and later prior to 7.18.4, 7.19.0 and later prior to 7.19.4, and 7.20.0 allow a remote, unauthenticated attacker to execute arbitrary code via Java deserialization.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: atlassian
Published: 2022-04-20T18:30:19.225869Z
Updated: 2024-09-16T19:56:27.196Z
Reserved: 2022-02-25T00:00:00
Link: CVE-2022-26133
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2022-04-20T19:15:08.157
Modified: 2022-04-28T17:50:56.293
Link: CVE-2022-26133
Redhat
No data.