[FE-6955] Argument injection in Mercurial repository handling - CVE-2017-14591 - Create and track feature requests for Atlassian products.

Type: Bug
Resolution: Fixed
Priority: Highest
Fix Version/s: 4.4.3, 4.5.1
Affects Version/s: None
Component/s: Indexing
Labels:

Symptom Severity:
Severity 1 - Critical
Bug Fix Policy:
View Atlassian Server bug fix policy

Fisheye and Crucible did not check that the name of a file in a Mercurial repository contained argument parameters. An attacker who has permission to add a repository or commit to a mercurial repository tracked by Fisheye or Crucible, can execute code of their choice on systems that run a vulnerable version of Fisheye or Crucible.
All versions of Fisheye and Crucible before 4.4.3 (the fixed version for 4.4.x) and from 4.5.0 before 4.5.1 (the fixed version for 4.5.x) are affected by this vulnerability.

Affected versions:

All versions of Fisheye and Crucible before 4.4.3 (the fixed version for 4.4.x) and from 4.5.0 before 4.5.1 (the fixed version for 4.5.x) are affected by this vulnerability.

Fix:

Fisheye version 4.5.1 is available to download from https://www.atlassian.com/software/fisheye/download.
Crucible version 4.5.1 is available to download from https://www.atlassian.com/software/crucible/download.
Fisheye version 4.4.3 is available to download from https://www.atlassian.com/software/fisheye/download-archives.
Crucible version 4.4.3 is available to download from https://www.atlassian.com/software/fisheye/download-archives.

Acknowledgements
Atlassian would like to credit Zhang Tianqi @ Tophant for reporting this issue to us.

For additional details see the full advisory.

is cloned from

CRUC-8121 Argument injection in Mercurial repository handling - CVE-2017-14591

Closed

mentioned in: Page Failed to load; Page Failed to load

relates to: SECENG-895 Failed to load

David Black added a comment - 15/Nov/2017 11:17 PM

CVSS v3 score: 9.0 => Critical severity

Exploitability Metrics

Attack Vector	Network
Attack Complexity	High
Privileges Required	None
User Interaction	None

Scope Metric

Scope	Changed

Impact Metrics

Confidentiality	High
Integrity	High
Availability	High

https://asecurityteam.bitbucket.io/cvss_v3/#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

David Black added a comment - 15/Nov/2017 11:17 PM CVSS v3 score: 9.0 => Critical severity Exploitability Metrics Attack Vector Network Attack Complexity High Privileges Required None User Interaction None Scope Metric Scope Changed Impact Metrics Confidentiality High Integrity High Availability High https://asecurityteam.bitbucket.io/cvss_v3/#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

Assignee:: Unassigned

Reporter:: David Black

Affected customers:: 0 This affects my team

Watchers:: 2 Start watching this issue

Created:: 15/Nov/2017 11:14 PM

Updated:: 05/Dec/2019 1:31 AM

Resolved:: 21/Nov/2017 12:49 AM

FishEye

Details

Description

Attachments

Issue Links

Forms

Activity

[FE-6955] Argument injection in Mercurial repository handling - CVE-2017-14591

Collapse comment: David Black added a comment - 15/Nov/2017 11:17 PM

Expand comment: David Black added a comment - 15/Nov/2017 11:17 PM

People

Dates