
Atlassian Bitbucket Server 4.x < 4.10.0 Unauthorized Access

Low

Synopsis

The remote Bitbucket server is affected by an unauthorized access flaw.

Description

Bitbucket 4.x versions prior to 4.10.0 contain a flaw, triggered when handling SSH keys, that can allow access to repositories even though a user has been deleted. This may allow a remote attacker to gain unauthorized access to sensitive information.

Solution

Upgrade to Bitbucket version 4.10.0 or later.