Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Fixed
Priority: Medium
Fix Version/s: 7.6.23, 7.17.16, 7.21.11, 8.9.0
Affects Version/s: 7.6.22, 7.17.15, 7.21.10
Component/s: Webhooks
Labels:

Support reference count:
1
Symptom Severity:
Severity 3 - Minor
Bug Fix Policy:
View Atlassian Server bug fix policy

Description

While configuring webhooks in bitbucket, we have the option to provide a secret key that is not masked, and hence the plain text secret key is visible in audit logs, kindly mask the secret key

Steps to reproduce

Configure webhook in Bitbucket server
When the hook is created,modified we see the secret key in Plan text in the audit logs.

Work Around :

Currently we only have one work around to turn off Local configuration and administration log level in audit settings, which also disables other useful login events which is not desirable.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List

image-2022-12-20-16-01-19-646.png
86 kB
20/Dec/2022 10:31 AM

Activity

People

Assignee:: Milly Wilson

Reporter:: Neeraj Upadhyay

Votes:: 3 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 12/Dec/2022 12:15 PM

Updated:: 12/Apr/2023 12:06 AM

Resolved:: 11/Apr/2023 10:35 PM