Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

What are the security risks in creating a tunnel from Jira Cloud to Bitbucket Data Center?

Deleted user July 25, 2024

 

What are the security risks in creating a tunnel from Jira Cloud to Bitbucket Data Center?
From Atlassian support:

Link Bitbucket with Jira Software Cloud

If your Bitbucket instance is behind a firewall, we recommend that you use an application tunnel to link Bitbucket with Jira Software Cloud. Application tunnels are available for Bitbucket 6.9 and later.  Learn more about application tunnels

What happens if the Jira Cloud account gets hacked?
Thank you,

Answer
Watch
Like John Funk likes this
262 views

1 answer

0 votes
Jim Knepley - ReleaseTEAM
Jim Knepley - ReleaseTEAM
Atlassian Partner
July 25, 2024

The application tunnels you linked to are implemented using secure WebSocket protocols. This means there is an encrypted connection between Jira Cloud and Bitbucket, but that connection cannot be used directly to access other systems within your network. If Bitbucket has behaviors that allows lateral movement, that's another story.

"What happens if the Jira Cloud account gets hacked?"

The compromised account could be used to perform authorized operations, which could range from viewing dashboards or issues to administering the Atlassian Cloud account, depending on the permissions of the compromised account. A compromised account would be a very bad thing for a variety of reasons, application link or otherwise. I don't think it poses a serious risk to your internal network.

If someone manages to get access to the underlying host operating system, a WebSocket wouldn't benefit them significantly since it's in the "application layer" at both ends.

Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.