Atlassian Bitbucket Data Center licensed instances starting with version 5.13.0 before 5.13.6 (the fixed version for 5.13.x), from 5.14.0 before 5.14.4 (fixed version for 5.14.x), from 5.15.0 before 5.15.3 (fixed version for 5.15.x), from 5.16.0 before 5.16.3 (fixed version for 5.16.x), from 6.0.0 before 6.0.3 (fixed version for 6.0.x), and from 6.1.0 before 6.1.2 (the fixed version for 6.1.x) allow remote attackers who have admin permissions to achieve remote code execution on a Bitbucket server instance via path traversal through the Data Center migration tool.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://jira.atlassian.com/browse/BSERV-11706 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: atlassian
Published: 2019-06-03T13:44:05.862975Z
Updated: 2024-09-16T17:47:59.258Z
Reserved: 2018-12-19T00:00:00
Link: CVE-2019-3397
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-06-03T14:29:00.293
Modified: 2024-11-21T04:42:01.703
Link: CVE-2019-3397
Redhat
No data.