MITM in Repository Import - CVE-2020-14171

2020-06-23T16:39:28
ID ATLASSIAN:BSERV-12434
Type atlassian
Reporter security-metrics-bot
Modified 2020-09-04T15:50:38

Description

Affected versions of Atlassian Bitbucket Server allow remote attackers to intercept unencrypted repository import requests via Man-in-the-Middle (MITM) attack.

Affected versions: * 4.9.0 <= version < 7.2.4

Fixed versions: * 7.2.4 * 7.3.0