
Session-Fixation Vulnerability on Bitbucket DC


    • Type: Bug
    • Resolution: Fixed
    • Priority: Low
    • Fix Version/s: 8.19.10, 9.2.1
    • Affects Version/s: 8.19.0
    • Component/s: Security - Other
    • Labels: None

      Issue Summary

      Problem: The web application does not regenerate the session ID on the server side every time the authorisation context changes (for example, at login).
      Impact: An attacker who can plant a session ID before authentication can take over the user's session once they log in and access their data.

      Steps to Reproduce

      1. The following login shows how the session ID is accepted and not reset. In this case note that this is a previously generated ID. Request & Response: see 'screenshot_1'.

        The session ID was then valid for authenticated requests.

      Expected Results

      Regenerate the session ID after every change to a user's authorisations (e.g. after authentication) and invalidate the old session ID on the server side.

      Actual Results

      The session ID is not regenerated on the server side when the authorisation context changes; the pre-authentication session ID remains valid for authenticated requests.
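      An added illustration (not Bitbucket's code) of the two behaviours described above: a constructed in-memory session store with a login that keeps the pre-authentication ID (the actual result) beside one that regenerates it and invalidates the old ID (the expected result), plus a regression check a test suite could run against either.

```python
import secrets
from dataclasses import dataclass, field
from typing import Callable, Dict, Optional


@dataclass
class Session:
    sid: str
    user: Optional[str] = None
    data: dict = field(default_factory=dict)


class SessionStore:
    """Minimal server-side session store, constructed for this example."""

    def __init__(self) -> None:
        self._sessions: Dict[str, Session] = {}

    def create(self) -> Session:
        s = Session(sid=secrets.token_urlsafe(32))
        self._sessions[s.sid] = s
        return s

    def lookup(self, sid: str) -> Optional[Session]:
        return self._sessions.get(sid)

    def login_vulnerable(self, sid: str, user: str) -> str:
        """Authenticates in place: the pre-auth ID (possibly planted) stays valid."""
        s = self._sessions[sid]
        s.user = user
        return s.sid

    def login_fixed(self, sid: str, user: str) -> str:
        """Regenerates the ID at the privilege change and invalidates the old one."""
        old = self._sessions.pop(sid)  # old ID no longer resolves on the server
        new = Session(sid=secrets.token_urlsafe(32), user=user, data=dict(old.data))
        self._sessions[new.sid] = new
        return new.sid


def check_session_rotation(login: Callable[[SessionStore, str, str], str]) -> dict:
    """Regression check: after login the ID must change and the old ID must be rejected."""
    store = SessionStore()
    pre_auth_sid = store.create().sid  # ID issued before authentication
    post_auth_sid = login(store, pre_auth_sid, "alice")
    return {
        "id_changed": post_auth_sid != pre_auth_sid,
        "old_id_rejected": store.lookup(pre_auth_sid) is None,
        "new_id_authenticated": store.lookup(post_auth_sid).user == "alice",
    }
```

      Running the check against the vulnerable login reports the ID unchanged and the old ID still accepted, which is exactly the condition the steps to reproduce observe.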

      Workaround

      Currently there is no known workaround for this behaviour. A workaround will be added here when available.

      Attachments: screenshot_1.png (161 kB, uploaded by Kalyan Kumar)

      Assignee: Unassigned
      Reporter: Kalyan Kumar