Published: 20/04/2022 Updated: 28/04/2022

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

SharedSecretClusterAuthenticator in Atlassian Bitbucket Data Center versions 5.14.0 and later prior to 7.6.14, 7.7.0 and later prior to 7.17.6, 7.18.0 and later prior to 7.18.4, 7.19.0 and later prior to 7.19.4, and 7.20.0 allow a remote, unauthenticated malicious user to execute arbitrary code via Java deserialization.

Vulnerable Product	Search on Vulmon	Subscribe to Product
atlassian bitbucket data center
atlassian bitbucket data center 7.20.0

CVE-2022-26133 Exploit

CVE-2022-26133 Information Description SharedSecretClusterAuthenticator in Atlassian Bitbucket Data Center versions 5140 and later before 7614, 770 and later prior to 7176, 7180 and later prior to 7184, 7190 and later prior to 7194, and 7200 allow a remote, unauthenticated attacker to execute arbitrary code via Java deserialization State -> PUBLIC Pro

Atlassian Bitbucket Data Center RCE(CVE-2022-26133) verification.

CVE-2022-26133 说明 Atlassian Bitbucket Data Center 反序列化漏洞(CVE-2022-26133) 批量验证和利用漏洞验证批量 python3 CVE-2022-26133py -u 192168110136:7990 -f targettxt 漏洞利用声明：该工具仅用于合法的，经过授权的渗透测试，公司内部安全检查与研究使用。由于使�

CWE-502 https://jira.atlassian.com/browse/BSERV-13173 https://confluence.atlassian.com/security/multiple-products-security-advisory-hazelcast-vulnerable-to-remote-code-execution-cve-2016-10750-1116292387.html https://nvd.nist.gov https://github.com/0xAbbarhSF/CVE-2022-26133

CVE-2022-26133

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect