PT-2022-2556 · Atlassian · Bitbucket

🗓️ 25 Feb 2022 00:00:00Reported by Positive TechnologiesType

Bitbucket vulnerability in SharedSecretClusterAuthenticator enables code execution via deserialization; patch or disable.

Reporter	Title	Published	Views	Family All 33
GithubExploit	Exploit for Deserialization of Untrusted Data in Hazelcast	5 Oct 202113:40	–	githubexploit
GithubExploit	Exploit for Deserialization of Untrusted Data in Atlassian Bitbucket_Data_Center	4 Jun 202211:31	–	githubexploit
GithubExploit	Exploit for Deserialization of Untrusted Data in Atlassian Bitbucket_Data_Center	4 Jun 202211:31	–	githubexploit
GithubExploit	Exploit for Deserialization of Untrusted Data in Atlassian Bitbucket_Data_Center	9 May 202212:07	–	githubexploit
ATTACKERKB	CVE-2022-26133	24 Mar 202223:00	–	attackerkb
Atlassian	Bitbucket Data Center - Java Deserialization Vulnerability In Hazelcast - CVE-2022-26133	18 Mar 202219:56	–	atlassian
Atlassian	Confluence Data Center - Java Deserialization Vulnerability In Hazelcast - CVE-2016-10750	24 Mar 202218:07	–	atlassian
Atlassian	RCE in Confluence DataCenter via HazelCast(Confluence) Port	6 Jun 202206:20	–	atlassian
Circl	CVE-2016-10750	22 May 201914:48	–	circl
Circl	CVE-2022-26133	20 Apr 202222:25	–	circl

Source	Link
github	www.github.com/Pear1y/CVE-2022-26133
github	www.github.com/0xAbbarhSF/CVE-2022-26133
github	www.github.com/0xStarFord/CVE-2022-26133
web	www.web.archive.org/web/20250000000000*/https:/github.com/Trhackno/CVE-2022-26133
nvd	www.nvd.nist.gov/vuln/detail/CVE-2022-26133
confluence	www.confluence.atlassian.com/security/multiple-products-security-advisory-hazelcast-vulnerable-to-remote-code-execution-cve-2016-10750-1116292387.html
bdu	www.bdu.fstec.ru/vul/2022-02985
jira	www.jira.atlassian.com/browse/BSERV-13173
t	www.t.me/freedomf0x/16512
t	www.t.me/cybersecuritytechnologies/5989

03 Oct 2024 00:00Current

9.1High risk

Vulners AI Score9.1

CVSS 3.19.8

CVSS 27.5

CVSS 38.1

EPSS0.81388

SSVC