High severity7.5NVD Advisory· Published Jan 23, 2017· Updated May 13, 2026
CVE-2016-6668
CVE-2016-6668
Description
The Atlassian Hipchat Integration Plugin for Bitbucket Server 6.26.0 before 6.27.5, 6.28.0 before 7.3.7, and 7.4.0 before 7.8.17; Confluence HipChat plugin 6.26.0 before 7.8.17; and HipChat for JIRA plugin 6.26.0 before 7.8.17 allows remote attackers to obtain the secret key for communicating with HipChat instances by reading unspecified pages.
Affected products
30cpe:2.3:a:atlassian:confluence_server:5.9.10:*:*:*:*:*:*:*+ 16 more
- cpe:2.3:a:atlassian:confluence_server:5.9.10:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:confluence_server:5.9.11:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:confluence_server:5.9.12:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:confluence_server:5.10.0:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:confluence_server:5.10.1:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:confluence_server:5.10.2:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:confluence_server:5.10.3:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:confluence_server:5.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:confluence_server:5.9.1:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:confluence_server:5.9.2:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:confluence_server:5.9.3:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:confluence_server:5.9.4:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:confluence_server:5.9.5:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:confluence_server:5.9.6:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:confluence_server:5.9.7:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:confluence_server:5.9.8:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:confluence_server:5.9.9:*:*:*:*:*:*:*
cpe:2.3:a:atlassian:jira_integration_for_hipchat:6.26.0:*:*:*:*:*:*:*+ 12 more
- cpe:2.3:a:atlassian:jira_integration_for_hipchat:6.26.0:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira_integration_for_hipchat:6.26.10:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira_integration_for_hipchat:6.29.1:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira_integration_for_hipchat:6.29.2:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira_integration_for_hipchat:6.31.0:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira_integration_for_hipchat:7.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira_integration_for_hipchat:7.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira_integration_for_hipchat:7.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira_integration_for_hipchat:7.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira_integration_for_hipchat:7.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira_integration_for_hipchat:7.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira_integration_for_hipchat:7.8.3:*:*:*:*:*:*:*
- cpe:2.3:a:atlassian:jira_integration_for_hipchat:7.8.12:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6- packetstormsecurity.com/files/139004/Atlassian-HipChat-Secret-Key-Disclosure.htmlnvdThird Party AdvisoryVDB Entry
- www.securityfocus.com/archive/1/539530/100/0/threadednvdBroken LinkThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/93159nvdBroken LinkThird Party AdvisoryVDB Entry
- confluence.atlassian.com/bitbucketserver/bitbucket-server-security-advisory-2016-09-21-840698321.htmlnvdVendor Advisory
- confluence.atlassian.com/doc/confluence-security-advisory-2016-09-21-849052104.htmlnvdVendor Advisory
- confluence.atlassian.com/jira/jira-and-hipchat-for-jira-plugin-security-advisory-2016-09-21-849052099.htmlnvdVendor Advisory
News mentions
0No linked articles in our index yet.