RSS   Vulnerabilities for 'Bitbucket server'   RSS

2018-02-15
 
CVE-2017-18087

CWE-noinfo
 

 
The download commit resource in Atlassian Bitbucket Server from version 5.1.0 before version 5.1.7, from version 5.2.0 before version 5.2.5, from version 5.3.0 before version 5.3.3 and from version 5.4.0 before version 5.4.1 allows remote attackers to write files to disk potentially allowing them to gain code execution, exploit CVE-2017-1000117 if a vulnerable version of git is in use, and or determine if an internal service exists via an argument injection vulnerability in the at parameter.

 

 >>> Vendor: Atlassian 44 Products
Confluence
JIRA
Fisheye
Bamboo
Crowd
Crucible
Hipchat
Jira core
Jira service desk
Jira integration for hipchat
Bitbucket
Hipchat server
Sourcetree
Oauth
Bitbucket auto unapprove plugin
Bitbucket server
Floodlight controller
Cloudtoken
Crowd2
Application links
Universal plugin manager
Jira service desk server
Troubleshooting and support
Saml single sign on
Subversion application lifecycle management
Jira software data center
Companion
Navigator links
Data center
Editor-core
Alfresco enterprise content management
Connect express
Connect spring boot
Floodlight
Jira server and data center
Jira service management
Confluence data center
Confluence server
Bitbucket data center
Jira data center
Jira server
Assets discovery data server
Assets discovery data center
Assets discovery cloud


Copyright 2024, cxsecurity.com

 

Back to Top