Allele Security Alert
ASA-2019-00307
Identifier(s)
ASA-2019-00307, CVE-2019-3397
Title
Path traversal in the migration tool that leads to Remote Code Execution (RCE)
Vendor(s)
Atlassian
Product(s)
Bitbucket Data Center
Affected version(s)
Bitbucket Data Center from 5.13.0 before 5.13.6
Bitbucket Data Center from 5.14.0 before 5.14.4
Bitbucket Data Center from 5.15.0 before 5.15.3
Bitbucket Data Center from 5.16.0 before 5.16.3
Bitbucket Data Center from 6.0.0 before 6.0.3
Bitbucket Data Center from 6.1.0 before 6.1.2
Fixed version(s)
Bitbucket Data Center version 5.13.5
Bitbucket Data Center version 5.14.3
Bitbucket Data Center version 5.5.2
Bitbucket Data Center version 6.0.3
Bitbucket Data Center version 6.1.1
Proof of concept
Unknown
Description
Bitbucket Data Center had a path traversal vulnerability in the Data Center migration tool. A remote attacker authenticated as a user with admin permissions can exploit this path traversal vulnerability to write files to arbitrary locations, which can lead to remote code execution on systems that run a vulnerable version of Bitbucket Data Center. Bitbucket Server versions without a Data Center license are not affected by this vulnerability.
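The defect class named in the description, as an added example that is not Atlassian's code and does not reproduce the migration tool (the advisory gives no technical details): a destination-directory guard that a migration or import tool should apply before writing a file whose name comes from untrusted input, shown next to the naive join that lets a name escape the destination. The function names, the constructed entry names and the temporary directory layout are assumptions made for the example.

```python
"""Guarding a file-writing tool against path traversal.

Added example for this advisory. It is not Atlassian's code and does not model
the Bitbucket migration tool's internals, which the advisory does not describe.
It shows the generic defect (joining an untrusted entry name onto a destination
directory) beside the check that prevents the file from landing outside it.
"""
import os
import tempfile
from pathlib import Path, PureWindowsPath


class PathTraversalError(ValueError):
    """Raised when an entry name would escape the destination directory."""


def naive_target(dest_root: str, entry_name: str) -> str:
    """The defect: a blind os.path.join. An absolute entry name replaces
    dest_root entirely and '..' segments climb out of it."""
    return os.path.normpath(os.path.join(dest_root, entry_name))


def safe_target(dest_root: str, entry_name: str) -> Path:
    """Return the path under dest_root where entry_name may be written, or raise.

    Rules applied:
      * reject absolute names (POSIX '/etc/x', Windows 'C:\\x' or '\\\\srv\\x')
      * reject any '..' segment after normalising both separator styles
      * resolve symlinks and confirm the final real path is still inside the
        real destination root (catches a symlinked subdirectory pointing out)
    """
    root = Path(dest_root).resolve()
    # Treat backslashes as separators too: a name produced on Windows, or a
    # crafted one, may use them and os.path on POSIX would not split on them.
    normalised = entry_name.replace("\\", "/")
    win = PureWindowsPath(entry_name)
    if not normalised or normalised.startswith("/") or win.is_absolute() or win.drive:
        raise PathTraversalError(f"absolute entry name rejected: {entry_name!r}")
    parts = [p for p in normalised.split("/") if p not in ("", ".")]
    if ".." in parts:
        raise PathTraversalError(f"parent-directory segment rejected: {entry_name!r}")
    candidate = root.joinpath(*parts)
    # resolve() follows symlinks in the components that already exist, so a
    # symlinked subdirectory pointing outside the root surfaces here.
    real = candidate.resolve()
    if real != root and root not in real.parents:
        raise PathTraversalError(f"entry escapes destination: {entry_name!r}")
    return real


def demonstrate() -> dict:
    """Run constructed entry names through both functions in a temporary sandbox.

    Returns {entry_name: (naive_join_escapes_root, safe_outcome)} where
    safe_outcome is the accepted path relative to the root, or 'rejected'.
    """
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp, "migration-dest")
        root.mkdir()
        outside = Path(tmp, "outside")
        outside.mkdir()
        # Constructed cases: one benign name plus the usual escape attempts.
        cases = ["repo/config.xml", "../../../etc/passwd", "..\\..\\win.ini",
                 "/etc/passwd", "C:\\Windows\\win.ini"]
        try:
            (root / "escape").symlink_to(outside, target_is_directory=True)
            cases.append("escape/payload")
        except OSError:
            pass  # platform without symlink support: skip that case
        root_real = str(root.resolve())
        for name in cases:
            naive_real = os.path.realpath(naive_target(str(root), name))
            naive_escapes = (naive_real != root_real
                             and not naive_real.startswith(root_real + os.sep))
            try:
                safe = safe_target(str(root), name).relative_to(root_real).as_posix()
            except PathTraversalError:
                safe = "rejected"
            results[name] = (naive_escapes, safe)
    return results


if __name__ == "__main__":
    for name, (escapes, outcome) in demonstrate().items():
        print(f"{name!r:28} naive escapes root: {escapes!s:5}  safe: {outcome}")
```

The order of the checks matters: the separator normalisation and the absolute-name rejection run before any filesystem call, and the final `resolve()` comparison is what defends against a destination that already contains a symlink, which a purely lexical check would miss.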
Technical details
Unknown
Credits
Johannes Moritz (RIPS Technologies)
Reference(s)
Bitbucket Server security advisory 2019-05-22
https://confluence.atlassian.com/bitbucketserver/bitbucket-server-security-advisory-2019-05-22-969526871.html
Bitbucket Server security advisory 2019-05-22
https://seclists.org/bugtraq/2019/May/61
Bitbucket Data Center – Path traversal in the migration tool leads to RCE – CVE-2019-3397
https://jira.atlassian.com/browse/BSERV-11706
CVE-2019-3397
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3397
CVE-2019-3397
https://nvd.nist.gov/vuln/detail/CVE-2019-3397
If there is any error in this alert or you would like a comprehensive analysis, let us know.
Last modified: May 24, 2019