Skip to main content

Atlassian Releases Security Update for Bitbucket Server and Data Center

Atlassian has released an update to remediate a critical security vulnerability affecting its Bitbucket Server and Data Center product

Report a cyber attack: call 0300 303 5222 or email carecert@nhsdigital.nhs.uk

Summary

Atlassian has released an update to remediate a critical security vulnerability affecting its Bitbucket Server and Data Center product


Affected platforms

The following platforms are known to be affected:

Threat details

Introduction

Atlassian has released a security update to address a critical command injection vulnerability in Bitbucket Server and Data Center. The vulnerability known as CVE-2022-43781 has a CVSS score of 9.

An attacker with permission to control their username can exploit this vulnerability to execute code on the system.


Remediation advice

Affected organisations are encouraged to review the Atlassian Bitbucket Server and Data Center Advisory and apply the necessary updates or workarounds.



Last edited: 17 November 2022 3:11 pm