[BSERV-10595] Path traversal through the name of a git tag in the git repository tag rest resource - CVE-2017-18037 - Create and track feature requests for Atlassian products.

Type: Bug
Resolution: Fixed
Priority: High
Fix Version/s: 5.3.4, 5.4.2, 5.0.9, 5.1.8, 5.2.6, 4.14.11, 5.5.1, 5.6.0
Affects Version/s: 3.7.0, 3.11.6, 4.14.10, 5.5.0
Component/s: None
Labels:

Symptom Severity:
Severity 2 - Major
Bug Fix Policy:
View Atlassian Server bug fix policy

The git repository tag rest resource in Atlassian Bitbucket Server from version 3.7.0 before 4.14.11 (the fixed version for 4.14.x), from version 5.0.0 before 5.0.9 (the fixed version for 5.0.x), from version 5.1.0 before 5.1.8 (the fixed version for 5.1.x), from version 5.2.0 before 5.2.6 (the fixed version for 5.2.x), from version 5.3.0 before 5.3.4 (the fixed version for 5.3.x), from version 5.4.0 before 5.4.2 (the fixed version for 5.4.x), from version 5.5.0 before 5.5.1 (the fixed version for 5.5.x) and before 5.6.0 allows remote attackers to read arbitrary files via a path traversal vulnerability through the name of a git tag.

mentioned in: Page Failed to load

Form Name

Richard Atkins made changes - 05/Dec/2019 1:33 AM

Labels

Original: CVE-2017-18037 advisory advisory-released bugbounty cvss-high path-traversal security

New: CVE-2017-18037 advisory advisory-released bugbounty cvss-high idor path-traversal security

Owen made changes - 10/Apr/2019 6:47 AM

Workflow

Original: Stash Workflow - Restricted [ 2594830 ]

New: JAC Bug Workflow v3 [ 3137319 ]

Owen made changes - 24/Oct/2018 5:05 AM

Symptom Severity

Original: Major [ 14431 ]

New: Severity 2 - Major [ 15831 ]

Frank Doherty made changes - 24/Sep/2018 7:11 AM

Remote Link

New: This issue links to "Page (Confluence)" [ 389525 ]

David Black made changes - 02/Feb/2018 1:19 AM

Labels

Original: CVE-2017-18037 advisory advisory-to-release bugbounty cvss-high path-traversal security

New: CVE-2017-18037 advisory advisory-released bugbounty cvss-high path-traversal security

David Black made changes - 02/Feb/2018 1:14 AM

Description

Original: The git repository tag rest resource in Atlassian Bitbucket Server from version 3.7.0 before 4.14.11 (the fixed version for 4.14.x), from version 5.0.0 before 5.0.9 (the fixed version for 5.0.x), from version 5.1.0 before 5.1.8 (the fixed version for 5.1.x), from version 5.2.0 before 5.2.6 (the fixed version for 5.2.x), from 5.3.0 before 5.3.4 (the fixed version for 5.3.x), from version 5.4.0 before 5.4.2 (the fixed version for 5.4.x), from version 5.5.0 before 5.5.1 (the fixed version for 5.5.x) and before 5.6.0 allows remote attackers to read arbitrary files via a path traversal vulnerability through the name of a git tag.

New: The git repository tag rest resource in Atlassian Bitbucket Server from version 3.7.0 before 4.14.11 (the fixed version for 4.14.x), from version 5.0.0 before 5.0.9 (the fixed version for 5.0.x), from version 5.1.0 before 5.1.8 (the fixed version for 5.1.x), from version 5.2.0 before 5.2.6 (the fixed version for 5.2.x), from version 5.3.0 before 5.3.4 (the fixed version for 5.3.x), from version 5.4.0 before 5.4.2 (the fixed version for 5.4.x), from version 5.5.0 before 5.5.1 (the fixed version for 5.5.x) and before 5.6.0 allows remote attackers to read arbitrary files via a path traversal vulnerability through the name of a git tag.

David Black made changes - 02/Feb/2018 1:14 AM

Description

Original: The git repository tag rest resource in Atlassian Bitbucket Server from version 3.7.0 before version 4.14.11 (the fixed version for 4.14.x), 5.0.9 (the fixed version for 5.0.x), 5.1.8 (the fixed version for 5.1.x), 5.2.6 (the fixed version for 5.2.x), 5.3.4 (the fixed version for 5.3.x), 5.4.2 (the fixed version for 5.4.x), 5.5.1 (the fixed version for 5.5.x) and 5.6.0 allows remote attackers to read arbitrary files via a path traversal vulnerability through the name of a git tag.

New: The git repository tag rest resource in Atlassian Bitbucket Server from version 3.7.0 before 4.14.11 (the fixed version for 4.14.x), from version 5.0.0 before 5.0.9 (the fixed version for 5.0.x), from version 5.1.0 before 5.1.8 (the fixed version for 5.1.x), from version 5.2.0 before 5.2.6 (the fixed version for 5.2.x), from 5.3.0 before 5.3.4 (the fixed version for 5.3.x), from version 5.4.0 before 5.4.2 (the fixed version for 5.4.x), from version 5.5.0 before 5.5.1 (the fixed version for 5.5.x) and before 5.6.0 allows remote attackers to read arbitrary files via a path traversal vulnerability through the name of a git tag.

David Black made changes - 02/Feb/2018 1:10 AM

Description

New: The git repository tag rest resource in Atlassian Bitbucket Server from version 3.7.0 before version 4.14.11 (the fixed version for 4.14.x), 5.0.9 (the fixed version for 5.0.x), 5.1.8 (the fixed version for 5.1.x), 5.2.6 (the fixed version for 5.2.x), 5.3.4 (the fixed version for 5.3.x), 5.4.2 (the fixed version for 5.4.x), 5.5.1 (the fixed version for 5.5.x) and 5.6.0 allows remote attackers to read arbitrary files via a path traversal vulnerability through the name of a git tag.

David Black made changes - 02/Feb/2018 1:09 AM

Labels

Original: advisory advisory-to-release bugbounty cvss-high path-traversal security

New: CVE-2017-18037 advisory advisory-to-release bugbounty cvss-high path-traversal security

David Black made changes - 02/Feb/2018 1:09 AM

Summary

Original: Sanitised security issue 31b253be0ae3ad281ba8bdf0a804c0851b6fcdfe4f5efe435538f64bb3548bee

New: Path traversal through the name of a git tag in the git repository tag rest resource - CVE-2017-18037

Assignee:: Unassigned

Reporter:: Security Metrics Bot

Affected customers:: 0 This affects my team

Watchers:: 1 Start watching this issue

Created:: 02/Feb/2018 12:12 AM

Updated:: 05/Dec/2019 1:33 AM

Resolved:: 02/Feb/2018 12:52 AM

Details

Description

Attachments

Issue Links

Forms

Activity

[BSERV-10595] Path traversal through the name of a git tag in the git repository tag rest resource - CVE-2017-18037

People

Dates