Lucene search
Security-metrics-botATLASSIAN:BSERV-12433HistoryJun 23, 2020 - 4:27 p.m.
SSRF in Webhooks - CVE-2020-14170
2020-06-2316:27:06
security-metrics-bot
jira.atlassian.com
13
0.001 Low
EPSS
Percentile
35.5%
Affected versions of Atlassian Bitbucket Server allow remote attackers to access the content of internal network resources via a Server-Side Request Forgery (SSRF) vulnerability in Webhooks.
When running in an environment like Amazon EC2, this flaw may be used to access to a metadata resource that provides access credentials and other potentially confidential information.
Affected versions:
- 5.4.0 <=Β version < 7.3.1
Fixed versions:
- 7.3.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| bitbucket server | lt | 7.3.1 | |
| bitbucket server | le | 5.4.0 |
Related
prion
prion
Server side request forgery (ssrf)
2020-07-09 18:15:00
nvd
nvd
CVE-2020-14170
2020-07-09 18:15:10
cvelist
cvelist
CVE-2020-14170
2020-07-09 00:00:00
cve
cve
CVE-2020-14170
2020-07-09 18:15:10
atlassian
atlassian
SSRF in Webhooks - CVE-2020-14170
2020-06-23 16:27:06