Atlassian Bitbucket Server CVE-2019-3397 Directory Traversal Vulnerability

Atlassian Bitbucket Server is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input.

An attacker can exploit this issue by supplying directory-traversal sequences ('../') to read or write arbitrary files outside the intended directory, which may expose sensitive information or lead to arbitrary code execution.

Bitbucket Server 5.13.0 through 5.13.5, 5.14.0 through 5.14.3, 5.15.0 through 5.15.2, 5.16.0 through 5.16.2, 6.0.0 through 6.0.2, 6.1.0 and 6.1.1 are vulnerable.

Information

Bugtraq ID: 108447
Class: Input Validation Error
CVE: CVE-2019-3397

Remote: Yes
Local: No
Published: May 23 2019 12:00AM
Updated: May 23 2019 12:00AM
Credit: The vendor reported this issue.
Vulnerable: Atlassian Bitbucket Server 6.1.1
Atlassian Bitbucket Server 6.1
Atlassian Bitbucket Server 6.0.2
Atlassian Bitbucket Server 6.0
Atlassian Bitbucket Server 5.16.2
Atlassian Bitbucket Server 5.16
Atlassian Bitbucket Server 5.15.2
Atlassian Bitbucket Server 5.15.1
Atlassian Bitbucket Server 5.15
Atlassian Bitbucket Server 5.14.3
Atlassian Bitbucket Server 5.14.2
Atlassian Bitbucket Server 5.14
Atlassian Bitbucket Server 5.13.5
Atlassian Bitbucket Server 5.13.4
Atlassian Bitbucket Server 5.13


Not Vulnerable: Atlassian Bitbucket Server 6.1.2
Atlassian Bitbucket Server 6.0.3
Atlassian Bitbucket Server 5.16.3
Atlassian Bitbucket Server 5.15.3
Atlassian Bitbucket Server 5.14.4
Atlassian Bitbucket Server 5.13.6
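The affected and fixed ranges above are the data a defender needs for an inventory check. The following is an added example, not part of the advisory or of any Atlassian tooling: it encodes the ranges exactly as listed here and triages a constructed host inventory (host names and versions are assumed sample values). It accepts both two-part ("6.1") and three-part ("6.1.1") version strings, treating a missing patch level as 0, which is how the Vulnerable list above uses them.

```python
# Inclusive (lower, upper) version ranges affected by CVE-2019-3397,
# taken from the ranges stated in this advisory.
AFFECTED_RANGES = [
    ((5, 13, 0), (5, 13, 5)),
    ((5, 14, 0), (5, 14, 3)),
    ((5, 15, 0), (5, 15, 2)),
    ((5, 16, 0), (5, 16, 2)),
    ((6, 0, 0), (6, 0, 2)),
    ((6, 1, 0), (6, 1, 1)),
]

# First fixed release on each branch, from the "Not Vulnerable" list.
FIXED_VERSIONS = {
    (5, 13): (5, 13, 6),
    (5, 14): (5, 14, 4),
    (5, 15): (5, 15, 3),
    (5, 16): (5, 16, 3),
    (6, 0): (6, 0, 3),
    (6, 1): (6, 1, 2),
}


def parse_version(text):
    """Turn '6.1' or '6.1.1' into a 3-tuple; a missing patch level is 0."""
    parts = text.strip().split(".")
    if not 2 <= len(parts) <= 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised version string: {text!r}")
    nums = tuple(int(p) for p in parts)
    return nums + (0,) * (3 - len(nums))


def is_affected(text):
    """True if the version lies inside one of the advisory's affected ranges."""
    v = parse_version(text)
    return any(lo <= v <= hi for lo, hi in AFFECTED_RANGES)


def recommended_fix(text):
    """First fixed release on the same branch, or None when the version is
    not in an affected range (already fixed, or a branch not covered here)."""
    if not is_affected(text):
        return None
    return ".".join(str(n) for n in FIXED_VERSIONS[parse_version(text)[:2]])


def triage(inventory):
    """Map each host in {host: version} to (affected?, fix-to-upgrade-to)."""
    return {h: (is_affected(v), recommended_fix(v)) for h, v in inventory.items()}


if __name__ == "__main__":
    sample = {"bb-prod": "6.0.2", "bb-stage": "6.1.2", "bb-old": "5.13"}  # constructed
    for host, (affected, fix) in triage(sample).items():
        print(f"{host}: affected={affected} upgrade_to={fix}")
```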


Exploit


An attacker can use readily available commands and tools to exploit this issue.
