Is CVE-2019-3397 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Atlassian Bitbucket Data Center

CVE-2019-3397

Atlassian Bitbucket Data Center licensed instances starting with version 5.13.0 before 5.13.6 (the fixed version for 5.13.x), from 5.14.0 before 5.14.4 (fixed version for 5.14.x), from 5.15.0 before 5.15.3 (fixed version for 5.15.x), from…

EPSS: 0.051 (90.1th percentile) — read the EPSS interpretation.

Affected products

Atlassian Bitbucket Data Center — versions 5.13.0, unspecified, 5.14.0

Public proof-of-concept exploits

gengstah/bitbucket-path-traversal-rce

References

jira.atlassian.com/browse/BSERV-11706 (x_refsource_MISC)

Frequently asked questions

What is CVE-2019-3397?: CVE-2019-3397 is a vulnerability in Atlassian Bitbucket Data Center. Published 2019-06-03.
Is CVE-2019-3397 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.