CVE-2022-43781

CRITICAL severity · CVSS 9.8 · Command injection

9.8CVSS CRITICAL

Summary

There is a command injection vulnerability using environment variables in Bitbucket Server and Data Center. An attacker with permission to control their username can exploit this issue to execute arbitrary code on the system. This vulnerability can be unauthenticated if the Bitbucket Server and Data Center instance has enabled “Allow public signup”.

Impact & exploitability

Attack vectorNetwork

Attack complexityLow

Privileges requiredNone

User interactionNone

Confidentiality impactHigh

Integrity impactHigh

Availability impactHigh

Exploit probability (EPSS)87%

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products we track (1)

Atlassian Bitbucket

Recommendation

Apply the vendor fix promptly. Open any affected product above for its exact safe version.

Official patch: https://jira.atlassian.com/browse/BSERV-13522 ↗

Additional information

NVD record
https://jira.atlassian.com/browse/BSERV-13522Patch
https://jira.atlassian.com/browse/BSERV-13522Patch
https://confluence.atlassian.com/x/Y4hXRgAdvisory
https://confluence.atlassian.com/x/Y4hXRgAdvisory