Session-Fixation Vulnerability on Bitbucket DC


    • Type: Bug
    • Resolution: Fixed
    • Priority: Low
    • Fix Version/s: 8.19.10, 9.2.1
    • Affects Version/s: 8.19.0
    • Component/s: Security - Other
    • Labels: None
    • 1
    • Severity 3 - Minor
    • 34

      Issue Summary

      Problem: The web application does not regenerate the session ID on the server side every time the authorisation context changes (for example, when an anonymous session authenticates). The session ID presented by the client before login stays valid after login.
      Impact: An attacker who can plant a known session ID in a victim's browser (session fixation) can take over that user's session once the victim logs in, and access their data.

      Steps to Reproduce

      1. Obtain a session ID before authenticating (a previously generated ID), then log in while presenting that ID. The login response accepts the supplied session ID and does not issue a new one. Request & Response: see 'screenshot_1'.

        The same pre-login session ID was then valid for authenticated requests.

      Expected Results

      Regenerate the session ID after every change to a user's authorisation context, e.g. after authentication, and invalidate the old session ID on the server side.
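      The check described in the steps above, written out as an added example (this is not Bitbucket's code and not part of the original ticket). It models a server-side session store in two variants, one that keeps the pre-authentication session ID across login (the reported behaviour) and one that rotates the ID on login and invalidates the old one (the expected behaviour), and a check that reproduces the ticket's steps against either variant. The class, function and credential names are assumptions made for illustration; the real check is the same sequence sent over HTTP, with the session cookie captured before login compared against the one set in the login response and then replayed on an authenticated request.

```python
"""Session-fixation check modelled on the steps in this ticket.

Added example, not Bitbucket's code: an in-memory session store in two
variants plus a check that reproduces the ticket's reproduction steps.
All names and the HTTP-less model are assumptions for illustration.
"""
import secrets
from dataclasses import dataclass, field
from typing import Dict, Optional

ANONYMOUS = None  # session exists but is not authenticated

# Assumed demo credential; a real check uses a test account on the target.
DEMO_PASSWORD = "correct-horse"


@dataclass
class SessionStore:
    # True  = expected behaviour (rotate ID on login, invalidate old ID)
    # False = reported behaviour (pre-login ID kept after login)
    rotate_on_login: bool
    sessions: Dict[str, Optional[str]] = field(default_factory=dict)  # sid -> user or None

    def new_session(self) -> str:
        """Issue an anonymous session ID, as a server does on the first request."""
        sid = secrets.token_urlsafe(24)
        self.sessions[sid] = ANONYMOUS
        return sid

    def login(self, presented_sid: str, user: str, password: str) -> str:
        """Authenticate; return the session ID the client must use from now on."""
        if password != DEMO_PASSWORD:
            raise PermissionError("bad credentials")
        if presented_sid not in self.sessions:
            # Unknown cookie: never adopt a client-chosen ID, issue a fresh one.
            presented_sid = self.new_session()
        if not self.rotate_on_login:
            # Reported behaviour: the ID the client already had becomes authenticated.
            self.sessions[presented_sid] = user
            return presented_sid
        # Expected behaviour: privilege change => new ID, old ID invalidated server-side.
        del self.sessions[presented_sid]
        new_sid = secrets.token_urlsafe(24)
        self.sessions[new_sid] = user
        return new_sid

    def whoami(self, sid: str) -> Optional[str]:
        """Authenticated request: which user does the server bind to this session?"""
        return self.sessions.get(sid)


def session_fixation_check(store: SessionStore, user: str = "victim") -> dict:
    """Reproduce the ticket's steps: get an ID before login (the 'previously
    generated ID', i.e. the one an attacker would plant), log in presenting
    it, then see whether that pre-login ID works for authenticated requests."""
    pre_login_sid = store.new_session()
    post_login_sid = store.login(pre_login_sid, user, DEMO_PASSWORD)
    old_id_still_valid = store.whoami(pre_login_sid) == user
    return {
        "id_regenerated": post_login_sid != pre_login_sid,
        "old_id_still_valid": old_id_still_valid,
        # Vulnerable if the attacker-known ID is authenticated after login.
        "vulnerable": old_id_still_valid,
    }


if __name__ == "__main__":
    for rotate in (False, True):
        result = session_fixation_check(SessionStore(rotate_on_login=rotate))
        print(f"rotate_on_login={rotate}: {result}")
```

      Against a live server the equivalent is: request any page unauthenticated and record the session cookie, POST the login form with that cookie attached, compare the cookie value in the login response's Set-Cookie header, and finally replay the original cookie on a request that requires authentication; a 200 with the user's data on that last step is the finding.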

      Actual Results

      The session ID is not regenerated when the authorisation context changes (e.g. on authentication), and the pre-login session ID is not invalidated on the server side.

      Workaround

      Currently there is no known workaround for this behavior. A workaround will be added here when available.

      Attachments:
        1. screenshot_1.png (161 kB, Kalyan Kumar)

            Assignee: Unassigned
            Reporter: Kalyan Kumar
            Votes: 0
            Watchers: 6