CVE-2017-18036

Summary

The Github repository importer in Atlassian Bitbucket Server before version 5.3.0 allows remote attackers to determine if a service they could not otherwise reach has open ports via a Server Side Request Forgery (SSRF) vulnerability.

Affected Software

VendorProductVersion RangeStatus
AtlassianBitbucket Serverprior to 5.3.0affected

Weaknesses

  • CWE-918: Server Side Request Forgery (CWE-918)

ADP Enrichment

CVE Program Container

Additional References

References