CVE-2016-6668: Infoleak
First published: Mon Jan 23 2017(Updated: )
The Atlassian Hipchat Integration Plugin for Bitbucket Server 6.26.0 before 6.27.5, 6.28.0 before 7.3.7, and 7.4.0 before 7.8.17; Confluence HipChat plugin 6.26.0 before 7.8.17; and HipChat for JIRA plugin 6.26.0 before 7.8.17 allows remote attackers to obtain the secret key for communicating with HipChat instances by reading unspecified pages.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Atlassian Confluence Server | =5.5.0 | |
| Atlassian Confluence Server | =5.9.1 | |
| Atlassian Confluence Server | =5.9.2 | |
| Atlassian Confluence Server | =5.9.3 | |
| Atlassian Confluence Server | =5.9.4 | |
| Atlassian Confluence Server | =5.9.5 | |
| Atlassian Confluence Server | =5.9.6 | |
| Atlassian Confluence Server | =5.9.7 | |
| Atlassian Confluence Server | =5.9.8 | |
| Atlassian Confluence Server | =5.9.9 | |
| Atlassian Confluence Server | =5.9.10 | |
| Atlassian Confluence Server | =5.9.11 | |
| Atlassian Confluence Server | =5.9.12 | |
| Atlassian Confluence Server | =5.10.0 | |
| Atlassian Confluence Server | =5.10.1 | |
| Atlassian Confluence Server | =5.10.2 | |
| Atlassian Confluence Server | =5.10.3 | |
| Atlassian Jira Integration For Hipchat | =6.26.0 | |
| Atlassian Jira Integration For Hipchat | =6.26.10 | |
| Atlassian Jira Integration For Hipchat | =6.29.1 | |
| Atlassian Jira Integration For Hipchat | =6.29.2 | |
| Atlassian Jira Integration For Hipchat | =6.31.0 | |
| Atlassian Jira Integration For Hipchat | =7.1.0 | |
| Atlassian Jira Integration For Hipchat | =7.2.1 | |
| Atlassian Jira Integration For Hipchat | =7.3.2 | |
| Atlassian Jira Integration For Hipchat | =7.3.3 | |
| Atlassian Jira Integration For Hipchat | =7.4.1 | |
| Atlassian Jira Integration For Hipchat | =7.8.1 | |
| Atlassian Jira Integration For Hipchat | =7.8.3 | |
| Atlassian Jira Integration For Hipchat | =7.8.12 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://packetstormsecurity.com/files/139004/Atlassian-HipChat-Secret-Key-Disclosure.html
- http://www.securityfocus.com/archive/1/539530/100/0/threaded
- http://www.securityfocus.com/bid/93159
- https://confluence.atlassian.com/bitbucketserver/bitbucket-server-security-advisory-2016-09-21-840698321.html
- https://confluence.atlassian.com/doc/confluence-security-advisory-2016-09-21-849052104.html
- https://confluence.atlassian.com/jira/jira-and-hipchat-for-jira-plugin-security-advisory-2016-09-21-849052099.html
- collector/nvd-index
- agent/references
- agent/severity
- agent/weakness
- agent/author
- agent/description
- agent/type
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/atlassian
- canonical/atlassian confluence server
- version/atlassian confluence server/5.5.0
- version/atlassian confluence server/5.9.1
- version/atlassian confluence server/5.9.2
- version/atlassian confluence server/5.9.3
- version/atlassian confluence server/5.9.4
- version/atlassian confluence server/5.9.5
- version/atlassian confluence server/5.9.6
- version/atlassian confluence server/5.9.7
- version/atlassian confluence server/5.9.8
- version/atlassian confluence server/5.9.9
- version/atlassian confluence server/5.9.10
- version/atlassian confluence server/5.9.11
- version/atlassian confluence server/5.9.12
- version/atlassian confluence server/5.10.0
- version/atlassian confluence server/5.10.1
- version/atlassian confluence server/5.10.2
- version/atlassian confluence server/5.10.3
- canonical/atlassian jira integration for hipchat
- version/atlassian jira integration for hipchat/6.26.0
- version/atlassian jira integration for hipchat/6.26.10
- version/atlassian jira integration for hipchat/6.29.1
- version/atlassian jira integration for hipchat/6.29.2
- version/atlassian jira integration for hipchat/6.31.0
- version/atlassian jira integration for hipchat/7.1.0
- version/atlassian jira integration for hipchat/7.2.1
- version/atlassian jira integration for hipchat/7.3.2
- version/atlassian jira integration for hipchat/7.3.3
- version/atlassian jira integration for hipchat/7.4.1
- version/atlassian jira integration for hipchat/7.8.1
- version/atlassian jira integration for hipchat/7.8.3
- version/atlassian jira integration for hipchat/7.8.12