Описание
The file editing functionality in the Atlassian Companion App before version 1.0.0 allows local attackers to have the app run a different executable in place of the app's cmd.exe via a untrusted search path vulnerability.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.0.0 (исключая)
cpe:2.3:a:atlassian:companion:*:*:*:*:*:*:*:*
EPSS
Процентиль: 20%
0.00063
Низкий
7.8 High
CVSS3
4.4 Medium
CVSS2
Дефекты
CWE-426
Связанные уязвимости
github
больше 3 лет назад
The file editing functionality in the Atlassian Companion App before version 1.0.0 allows local attackers to have the app run a different executable in place of the app's cmd.exe via a untrusted search path vulnerability.
EPSS
Процентиль: 20%
0.00063
Низкий
7.8 High
CVSS3
4.4 Medium
CVSS2
Дефекты
CWE-426