CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-4019

The file editing functionality in the Atlassian Companion App before version 1.0.0 allows local attackers to have the app run a different executable in place of the app's cmd.exe via a untrusted search path vulnerability.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 19.9%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 4.4

References

https://jira.atlassian.com/browse/CONFSERVER-59734
https://jira.atlassian.com/browse/CONFSERVER-59734

Products affected by CVE-2020-4019

Atlassian » Companion » Version: Any

cpe:2.3:a:atlassian:companion:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-4019

Products

Pricing

Contact Us