Web Analytics
Select Page

Atlassian Security Alerts

About ReleaseTEAM: DevOps Experts

Multiple Data Center Products Security Advisory

Priority: High

CVE-2016-10750 – Hazelcast vulnerable to remote code execution

Issue Summary Multiple Atlassian products use the third-party software Hazelcast, which is vulnerable to Java deserialization attacks (CVE-2016-10750). Hazelcast is used by these products when they’re configured to run as a cluster. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted JoinRequest, resulting in arbitrary code execution.

Affected Products
Bitbucket Data Center
Confluence Data Center

Read the full advisory and what you need to do for your instance

Details on upgrading and on the alternative workaround, as well as more info on this issue can be found Here

Contact us at (866) 887-0489 or info@releaseteam.com today to speak to an expert about your next DevOps project.

Corporate HQ

1499 W. 120th Ave
Suite 110
Westminster, CO 80234
720-887-0489

Massachusetts

1257 Worcester Rd.
Suite 108
Framingham, MA 01701
866-887-0489

Canada

PMB# 604
1-110 Cumberland St.
Toronto, ON M5R 3V5
866-887-0489