CVE-2017-18036
published 2018-02-02CVE-2017-18036: The Github repository importer in Atlassian Bitbucket Server before version 5.3.0 allows remote attackers to determine if a service they could not otherwise…
medium4.3CVSS 3.0
AVNACLPRLUINSUCLINAN
The Github repository importer in Atlassian Bitbucket Server before version 5.3.0 allows remote attackers to determine if a service they could not otherwise reach has open ports via a Server Side Request Forgery (SSRF) vulnerability.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| atlassian | bitbucket | < 5.3.0 | 5.3.0 |
| atlassian | bitbucket_server | — | — |