Bitbucket Keys
Description
General
-
Documentation: https://support.atlassian.com/bitbucket-cloud/docs/use-oauth-on-bitbucket-cloud/
-
Summary:
Bitbucket
provides hosting for source code and software development that useMercurial
orGit
as Version Control Systems.Bitbucket keys
are associated with a Bitbucket OAuth consumer. They can be used by an OAuth2 client to use Bitbucket as an OAuth2 identity provider.Obtaining this secret could allow an attacker to: - create a phishing authentication page, undistinguishable from the original - use compromised user credentials to create valid access tokens to the application
Revoke the secret
The only way to revoke the secret is to delete the OAuth consumer and create a new one.
Details for Bitbucket Keys
-
Family: credentials
-
Category: version_control_platform
-
Company: Bitbucket
-
High recall: False
-
Validity check available: True
-
Analyzer available: False
-
On-premise instances exist: False
-
Only valid secrets raise an alert: False
-
Minimum number of matches: 2
-
Occurrences found for one million commits: 0.24
-
Prefixed: False
Details for Bitbucket Keys Basic Auth
-
Family: credentials
-
Category: version_control_platform
-
Company: Bitbucket
-
High recall: False
-
Validity check available: True
-
Analyzer available: False
-
On-premise instances exist: False
-
Only valid secrets raise an alert: False
-
Minimum number of matches: 2
-
Occurrences found for one million commits: 0.06
-
Prefixed: False