{"cve":{"cve_id":"CVE-2022-36804","is_kev":true,"kev_date_added":"2022-09-30","kev_vendor_project":"Atlassian","kev_product":"Bitbucket Server and Data Center","kev_vulnerability_name":"Atlassian Bitbucket Server and Data Center Command Injection Vulnerability","kev_short_description":"Multiple API endpoints of Atlassian Bitbucket Server and Data Center contain a command injection vulnerability where an attacker with access to a public Bitbucket repository, or with read permissions to a private one, can execute code by sending a malicious HTTP request.","kev_required_action":"Apply updates per vendor instructions.","kev_due_date":"2022-10-21","kev_known_ransomware":false,"kev_notes":"https://jira.atlassian.com/browse/BSERV-13438;  https://nvd.nist.gov/vuln/detail/CVE-2022-36804","kev_cwes":["CWE-78","CWE-88","CWE-158"],"epss_score":0.99174,"epss_percentile":0.99928,"epss_as_of":"2026-06-23","description":"Multiple API endpoints in Atlassian Bitbucket Server and Data Center from version 7.0.0 before version 7.6.17, from version 7.7.0 before version 7.17.10, from version 7.18.0 before version 7.21.4, from version 8.0.0 before version 8.0.3, from version 8.1.0 before version 8.1.3, from version 8.2.0 before version 8.2.2, and from version 8.3.0 before version 8.3.1 allow remote attackers with read permissions to a public or private Bitbucket repository to execute arbitrary code by sending a malicious HTTP request. 
This vulnerability was reported via our Bug Bounty Program by TheGrandPew.","published_at":"2022-08-25T05:40:08.899000Z","last_modified_at":null,"cvss_v3_score":8.8,"cvss_v3_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss_v3_severity":"HIGH","cvss_v4_score":null,"cvss_v4_vector":null,"cvss_v4_severity":null,"ssvc_decision":null,"ssvc_exploitation":"active","ssvc_automatable":false,"ssvc_technical_impact":"total","cwes":["CWE-78","CWE-88"],"nvd_references":["https://jira.atlassian.com/browse/BSERV-13438","http://packetstormsecurity.com/files/168470/Bitbucket-Git-Command-Injection.html","http://packetstormsecurity.com/files/171453/Bitbucket-7.0.0-Remote-Command-Execution.html"],"vuln_status":null,"trending_score":null,"is_trending":false,"has_trended":false,"trended_number_one":false,"trending_peak_score":null,"trending_peak_rank":null,"started_trending_at":null,"trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:31.350578Z","updated_at":"2026-06-29T01:10:52.263119Z"},"effective_severity":"HIGH","badges":["kev","poc","epss"],"impact_analysis":[],"cvss_v3_decoded":{"version":"3.1","metrics":[{"metric":"AV","name":"Attack Vector","value":"N","value_label":"Network"},{"metric":"AC","name":"Attack Complexity","value":"L","value_label":"Low"},{"metric":"PR","name":"Privileges Required","value":"L","value_label":"Low"},{"metric":"UI","name":"User Interaction","value":"N","value_label":"None"},{"metric":"S","name":"Scope","value":"U","value_label":"Unchanged"},{"metric":"C","name":"Confidentiality","value":"H","value_label":"High"},{"metric":"I","name":"Integrity","value":"H","value_label":"High"},{"metric":"A","name":"Availability","value":"H","value_label":"High"}]},"cvss_v4_decoded":{"version":null,"metrics":[]},"affected":[{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"bitbucket-data-center","product_name":"Bitbucket Data 
Center","version_start":"unspecified","version_start_inclusive":true,"version_end":"8.3.1","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:bitbucket-data-center:unspecified:8.3.1"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"bitbucket-data-center","product_name":"Bitbucket Data Center","version_start":"7.0.0","version_start_inclusive":true,"version_end":"unspecified","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:bitbucket-data-center:7.0.0:unspecified"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"bitbucket-data-center","product_name":"Bitbucket Data Center","version_start":"unspecified","version_start_inclusive":true,"version_end":"7.6.17","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:bitbucket-data-center:unspecified:7.6.17"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"bitbucket-data-center","product_name":"Bitbucket Data Center","version_start":"7.7.0","version_start_inclusive":true,"version_end":"unspecified","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:bitbucket-data-center:7.7.0:unspecified"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"bitbucket-data-center","product_name":"Bitbucket Data Center","version_start":"unspecified","version_start_inclusive":true,"version_end":"7.17.10","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:bitbucket-data-center:unspecified:7.17.10"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"bitbucket-data-center","product_name":"Bitbucket Data Center","version_start":"7.18.0","version_start_inclusive":true,"version_end":"unspecified","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:bitbucket-data-center:7.18.0:unspecified"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"bitbucket-data-center","product_name":"Bitbucket Data 
Center","version_start":"unspecified","version_start_inclusive":true,"version_end":"7.21.4","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:bitbucket-data-center:unspecified:7.21.4"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"bitbucket-data-center","product_name":"Bitbucket Data Center","version_start":"8.0.0","version_start_inclusive":true,"version_end":"unspecified","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:bitbucket-data-center:8.0.0:unspecified"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"bitbucket-data-center","product_name":"Bitbucket Data Center","version_start":"unspecified","version_start_inclusive":true,"version_end":"8.0.3","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:bitbucket-data-center:unspecified:8.0.3"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"bitbucket-data-center","product_name":"Bitbucket Data Center","version_start":"8.1.0","version_start_inclusive":true,"version_end":"unspecified","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:bitbucket-data-center:8.1.0:unspecified"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"bitbucket-data-center","product_name":"Bitbucket Data Center","version_start":"unspecified","version_start_inclusive":true,"version_end":"8.1.3","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:bitbucket-data-center:unspecified:8.1.3"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"bitbucket-data-center","product_name":"Bitbucket Data Center","version_start":"8.2.0","version_start_inclusive":true,"version_end":"unspecified","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:bitbucket-data-center:8.2.0:unspecified"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"bitbucket-data-center","product_name":"Bitbucket Data 
Center","version_start":"unspecified","version_start_inclusive":true,"version_end":"8.2.2","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:bitbucket-data-center:unspecified:8.2.2"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"bitbucket-data-center","product_name":"Bitbucket Data Center","version_start":"8.3.0","version_start_inclusive":true,"version_end":"unspecified","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:bitbucket-data-center:8.3.0:unspecified"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"bitbucket-server","product_name":"Bitbucket Server","version_start":"7.0.0","version_start_inclusive":true,"version_end":"unspecified","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:bitbucket-server:7.0.0:unspecified"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"bitbucket-server","product_name":"Bitbucket Server","version_start":"unspecified","version_start_inclusive":true,"version_end":"7.6.17","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:bitbucket-server:unspecified:7.6.17"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"bitbucket-server","product_name":"Bitbucket Server","version_start":"7.7.0","version_start_inclusive":true,"version_end":"unspecified","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:bitbucket-server:7.7.0:unspecified"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"bitbucket-server","product_name":"Bitbucket Server","version_start":"unspecified","version_start_inclusive":true,"version_end":"7.17.10","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:bitbucket-server:unspecified:7.17.10"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"bitbucket-server","product_name":"Bitbucket 
Server","version_start":"7.18.0","version_start_inclusive":true,"version_end":"unspecified","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:bitbucket-server:7.18.0:unspecified"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"bitbucket-server","product_name":"Bitbucket Server","version_start":"unspecified","version_start_inclusive":true,"version_end":"7.21.4","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:bitbucket-server:unspecified:7.21.4"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"bitbucket-server","product_name":"Bitbucket Server","version_start":"8.0.0","version_start_inclusive":true,"version_end":"unspecified","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:bitbucket-server:8.0.0:unspecified"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"bitbucket-server","product_name":"Bitbucket Server","version_start":"unspecified","version_start_inclusive":true,"version_end":"8.0.3","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:bitbucket-server:unspecified:8.0.3"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"bitbucket-server","product_name":"Bitbucket Server","version_start":"8.1.0","version_start_inclusive":true,"version_end":"unspecified","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:bitbucket-server:8.1.0:unspecified"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"bitbucket-server","product_name":"Bitbucket Server","version_start":"unspecified","version_start_inclusive":true,"version_end":"8.1.3","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:bitbucket-server:unspecified:8.1.3"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"bitbucket-server","product_name":"Bitbucket 
Server","version_start":"8.2.0","version_start_inclusive":true,"version_end":"unspecified","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:bitbucket-server:8.2.0:unspecified"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"bitbucket-server","product_name":"Bitbucket Server","version_start":"unspecified","version_start_inclusive":true,"version_end":"8.2.2","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:bitbucket-server:unspecified:8.2.2"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"bitbucket-server","product_name":"Bitbucket Server","version_start":"8.3.0","version_start_inclusive":true,"version_end":"unspecified","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:bitbucket-server:8.3.0:unspecified"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"bitbucket-server","product_name":"Bitbucket Server","version_start":"unspecified","version_start_inclusive":true,"version_end":"8.3.1","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:bitbucket-server:unspecified:8.3.1"}],"exploit_refs":[{"source":"nuclei","kind":"nuclei","url":"https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2022/CVE-2022-36804.yaml","title":"Atlassian Bitbucket - Remote Command Injection","author":"DhiyaneshDk,tess,sullo","disclosed_at":null}],"news":[],"references":[{"url":"https://jira.atlassian.com/browse/BSERV-13438","source_type":"MISC","tags":[]},{"url":"http://packetstormsecurity.com/files/168470/Bitbucket-Git-Command-Injection.html","source_type":"EXPLOIT","tags":["exploit"]},{"url":"http://packetstormsecurity.com/files/171453/Bitbucket-7.0.0-Remote-Command-Execution.html","source_type":"EXPLOIT","tags":["exploit"]}],"timeline":[{"type":"published","at":"2022-08-25T05:40:08.899000Z","label":"CVE published","source":null},{"type":"cisa_reported","at":"2022-09-30T00:00:00Z","label":"Added to CISA KEV 
catalog","source":"kev"},{"type":"poc_available","at":"2026-06-24T00:29:48.638073Z","label":"Public PoC available","source":"nuclei"},{"type":"cvss_changed","at":"2026-06-28T17:23:18.524966Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:23:18.524966Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:23:18.524966Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"ssvc_changed","at":"2026-06-29T01:10:52.263119Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"ssvc_changed","at":"2026-06-29T01:10:52.263119Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"ssvc_changed","at":"2026-06-29T01:10:52.263119Z","label":"SSVC decision revised","source":"vulnrichment"}]}