← voltar
CVE-2018-5225

CVE-2018-5225

EPSS 3.6%
Vexday Risk Score
3Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS EPSS 3.6%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
22 mar 2018Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
In browser editing in Atlassian Bitbucket Server from version 4.13.0 before 5.4.8 (the fixed version for 4.13.0 through 5.4.7), 5.5.0 before 5.5.8 (the fixed version for 5.5.x), 5.6.0 before 5.6.5 (the fixed version for 5.6.x), 5.7.0 before 5.7.3 (the fixed version for 5.7.x), and 5.8.0 before 5.8.2 (the fixed version for 5.8.x), allows authenticated users to gain remote code execution using the in browser editing feature via editing a symbolic link within a repository.
Produtos afetados
Atlassian · Bitbucket Server

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://confluence.atlassian.com/x/3WNsOhttps://jira.atlassian.com/browse/BSERV-10684http://www.securityfocus.com/bid/103488