Researchers Detail Exploit Chain for Hijacking Atlassian Accounts
Researchers at cybersecurity firm Check Point discovered several vulnerabilities that could have been chained to take over Atlassian accounts or access a company’s Bitbucket-hosted source code. Atlassian patched the flaws before their details were made public.
The software development and collaboration tools made by Australia-based Atlassian are used by more than 150,000 organizations worldwide, which can make the company’s products a tempting target for malicious actors.
Check Point reported on Thursday that its researchers identified a series of vulnerabilities affecting several Atlassian applications connected through single sign-on (SSO). Impacted subdomains included jira.atlassian.com, confluence.atlassian.com, getsupport.atlassian.com, partners.atlassian.com, developer.atlassian.com, support.atlassian.com, and training.atlassian.com.
In order to trigger the exploit chain and take control of an account, the attacker only needed to convince the targeted user to click on a malicious link.
Check Point researchers also showed how an attacker could have targeted Atlassian’s source code repository hosting service Bitbucket. An attacker who could trick a user into clicking on a malicious link could have stolen that user’s credentials.
“Accessing a company’s Bitbucket repositories could allow attackers to access and change source code, make it public or even plant backdoors,” the researchers warned.
Contacted by SecurityWeek, an Atlassian spokesperson said that based on the company’s investigation, the vulnerabilities impacted “a limited set of Atlassian-owned web applications as well as a third-party training platform.”
“Atlassian has shipped patches to address these issues and none of these vulnerabilities affected Atlassian Cloud (like Jira or Confluence Cloud) or on-premise products (like Jira Server or Confluence Server),” the company said.
Check Point has published a blog post detailing its findings, as well as a video showing the exploits in action.