logo
Vulnerability feed
CONTRIBUTE

Vulnerability

warn

CVE-2022-36804

Reference to the description:

https://nvd.nist.gov/vuln/detail/CVE-2022-36804

Description:
Multiple API endpoints in Atlassian Bitbucket Server and Data Center 7.0.0 before version 7.6.17, from version 7.7.0 before version 7.17.10, from version 7.18.0 before version 7.21.4, from version 8.0.0 before version 8.0.3, from version 8.1.0 before version 8.1.3, and from version 8.2.0 before version 8.2.2, and from version 8.3.0 before 8.3.1 allows remote attackers with read permissions to a public or private Bitbucket repository to execute arbitrary code by sending a malicious HTTP request. This vulnerability was reported via our Bug Bounty Program by TheGrandPew.
Last updated date:
08/08/2023

Reports

alt

ACTIVELY EXPLOITED

Type:
exploitation
Confidence:
HIGH
Date of publishing:
09/30/2022
Reference url to background

https://twitter.com/Shadowserver/status/1573300004072132608

Type:
exploitation
Confidence:
HIGH
Date of publishing:
09/30/2022
Type:
exploit
Confidence:
HIGH
Date of publishing:
09/03/2022
Type:
exploit
Confidence:
HIGH
Date of publishing:
09/04/2022
Type:
exploit
Confidence:
HIGH
Date of publishing:
09/07/2022
Reference url to background

https://github.com/notdls/CVE-2022-36804

Type:
exploit
Confidence:
HIGH
Date of publishing:
09/10/2022
Type:
exploit
Confidence:
HIGH
Date of publishing:
09/19/2022
Type:
exploit
Confidence:
HIGH
Date of publishing:
09/20/2022
Type:
exploit
Confidence:
HIGH
Date of publishing:
09/20/2022
Type:
exploit
Confidence:
HIGH
Date of publishing:
09/21/2022
Type:
exploit
Confidence:
HIGH
Date of publishing:
09/21/2022
Type:
exploit
Confidence:
HIGH
Date of publishing:
09/23/2022
Type:
exploit
Confidence:
HIGH
Date of publishing:
09/23/2022
Type:
exploit
Confidence:
HIGH
Date of publishing:
09/25/2022
Type:
exploit
Confidence:
HIGH
Date of publishing:
09/26/2022
Type:
exploit
Confidence:
HIGH
Date of publishing:
10/01/2022
Type:
exploit
Confidence:
HIGH
Date of publishing:
10/04/2022
Type:
exploit
Confidence:
HIGH
Date of publishing:
01/23/2023
Vulnerability FeedContributorsAboutBlog

@inTheWild

©2023

Privacy Policy