Worried that your source code will be stolen by someone else? – Vulnerability Note VU#240785 (18th Feb 2021)

Preface: Bitbucket’s advantage over GitHub used to be that both Git and Mercurial repository hosting were available with Bitbucket.

Background: If you are a Jira user, you can import your existing Git repositories into Bitbucket. Jira Software and Bitbucket integrate with each other and work with third-party build tools such as Jenkins. However, the deepest integrations are achieved by using Jira Software and Bitbucket together with Bamboo.

Vulnerability details: Atlassian Bitbucket on Windows is vulnerable to privilege escalation due to weak ACLs. For more details, please refer to the link or the attached diagram – https://kb.cert.org/vuls/id/240785

Remedy: https://jira.atlassian.com/browse/BSERV-12753

Ref: DLLSpy (Dynamic) – DLLSpy scans the loaded modules of a process to build the list of loaded modules. It then checks whether any of those modules could be hijacked by trying to write to their file location on disk and checking whether they could be overwritten. This happens after duplicating the access token of the browser, which is a weak (low-privileged) token. The attacker does this in order to test whether they have write permission to the DLL location and to the DLL itself as a regular user.
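The weak-ACL check that the vulnerability note and the DLLSpy description both revolve around can be run defensively from the administrator's side. The following PowerShell audit script is an added example (my code, not from the CERT note, Atlassian or DLLSpy): it resolves a Windows service's binary path and reports every ACE on the executable, its install folder and the DLLs/EXEs under it that grants write-capable rights to groups a regular user belongs to. The service name is an assumption and must be adjusted to the local installation.

```powershell
# Added audit example (not from the CERT note or Atlassian): report ACEs that let
# low-privileged principals modify a Windows service's binary or install folder.
param(
    [string]$ServiceName = 'AtlassianBitbucket'   # assumed name; verify with Get-Service
)

# Groups that a regular (non-administrator) interactive user is normally a member of.
$LowPrivPrincipals = @('Everyone', 'BUILTIN\Users',
                       'NT AUTHORITY\Authenticated Users', 'NT AUTHORITY\INTERACTIVE')

# Rights that allow a file or folder to be replaced, altered or re-permissioned.
# Modify and FullControl are supersets of these bits, so they are caught as well.
$WriteRights = [System.Security.AccessControl.FileSystemRights]'Write, Delete, ChangePermissions, TakeOwnership'

function Get-WeakAces {
    param([string]$Path)
    $acl = Get-Acl -LiteralPath $Path
    foreach ($ace in $acl.Access) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        if ($LowPrivPrincipals -notcontains $ace.IdentityReference.Value) { continue }
        if (([int]($ace.FileSystemRights -band $WriteRights)) -ne 0) {
            [pscustomobject]@{
                Path      = $Path
                Principal = $ace.IdentityReference.Value
                Rights    = $ace.FileSystemRights
                Inherited = $ace.IsInherited
            }
        }
    }
}

# Resolve the service binary: PathName may be quoted and may carry arguments.
$svc = Get-CimInstance Win32_Service -Filter "Name='$ServiceName'"
if (-not $svc) { throw "Service '$ServiceName' not found" }
if ($svc.PathName -match '^"([^"]+)"') { $exe = $Matches[1] }
else { $exe = ($svc.PathName -split '\s+')[0] }
$dir = Split-Path -Parent $exe

# Audit the executable, its folder, and every DLL/EXE the service could load from it.
$targets = @($exe, $dir) +
    (Get-ChildItem -LiteralPath $dir -Recurse -File -Include *.dll, *.exe |
        Select-Object -ExpandProperty FullName)
$findings = $targets | ForEach-Object { Get-WeakAces -Path $_ }

if ($findings) { $findings | Format-Table -AutoSize }
else { "No write-capable ACEs for low-privileged principals under $dir" }
```

Any row in the output is an ACE to fix (restrict it to Administrators and SYSTEM); inherited rows point at a parent folder whose ACL needs the same correction.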
