CVE-2020-4019
published 2020-06-01CVE-2020-4019: The file editing functionality in the Atlassian Companion App before version 1.0.0 allows local attackers to have the app run a different executable in place…
high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
The file editing functionality in the Atlassian Companion App before version 1.0.0 allows local attackers to have the app run a different executable in place of the app's cmd.exe via a untrusted search path vulnerability.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| atlassian | companion | < 1.0.0 | 1.0.0 |
| atlassian | companion_app | >= unspecified < 1.0.0 | 1.0.0 |