CISA Warns of Attacks Exploiting Recent Atlassian Bitbucket Vulnerability

CISA
CISA-Warns-of-Attacks-Exploiting-Recent-Atlassian-Bitbucket-Vulnerability

A recent Atlassian Bitbucket vulnerability and two Microsoft Exchange zero-days are currently being actively exploited, according to the United States Cybersecurity and Infrastructure Security Agency (CISA).

Git-based repository management tool Atlassian Bitbucket offers the ability to host and share source code. The currently exploited vulnerability is identified as CVE-2022-36804 (CVSS score of 9.9) and is classified as a command injection bug that affects various API endpoints of Bitbucket Server and Data Center.

According to the company’s advisory, the problem affects all Bitbucket versions made available after 6.10.17, so “any versions between 7.0.0 and 8.3.0 inclusive can be exploited by this vulnerability.”

Read More: CISA Warns of Attacks Exploiting Recent Atlassian Bitbucket Vulnerability

For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.