CVE-2019-3397

Name of the Vulnerable Software and Affected Versions Atlassian Bitbucket Data Center versions 5.13.0 through 5.13.5 Atlassian Bitbucket Data Center versions 5.14.0 through 5.14.3 Atlassian Bitbucket Data Center versions 5.15.0 through 5.15.2 Atlassian Bitbucket Data Center versions 5.16.0 through 5.16.2 Atlassian Bitbucket Data Center versions 6.0.0 through 6.0.2 Atlassian Bitbucket Data Center versions 6.1.0 through 6.1.1

Description The issue allows remote attackers with admin permissions to achieve remote code execution on a Bitbucket server instance via path traversal through the Data Center migration tool.

Recommendations For versions 5.13.0 through 5.13.5, update to version 5.13.6 or later. For versions 5.14.0 through 5.14.3, update to version 5.14.4 or later. For versions 5.15.0 through 5.15.2, update to version 5.15.3 or later. For versions 5.16.0 through 5.16.2, update to version 5.16.3 or later. For versions 6.0.0 through 6.0.2, update to version 6.0.3 or later. For versions 6.1.0 through 6.1.1, update to version 6.1.2 or later.