← back
CVE-2017-18038

CVE-2017-18038

EPSS 1.5%
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 1.5%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
02 Feb 2018Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
The repository settings resource in Atlassian Bitbucket Server before version 5.6.0 allows remote attackers to read the first line of arbitrary files via a path traversal vulnerability through the default branch name.
Affected products
Atlassian · Bitbucket Server

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://jira.atlassian.com/browse/BSERV-10592