Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The download commit resource in Atlassian Bitbucket Server from version 5.1.0 before version 5.1.7, from version 5.2.0 before version 5.2.5, from version 5.3.0 before version 5.3.3 and from version 5.4.0 before version 5.4.1 allows remote attackers to write files to disk potentially allowing them to gain code execution, exploit CVE-2017-1000117 if a vulnerable version of git is in use, and or determine if an internal service exists via an argument injection vulnerability in the at parameter.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Atlassian Bitbucket Server 权限许可和访问控制问题漏洞
Vulnerability Description
Atlassian Bitbucket Server是澳大利亚Atlassian公司的一款Git代码托管解决方案。该方案能够管理并审查代码,具有差异视图、JIRA集成和构建集成等功能。 Atlassian Bitbucket Server中的download commit资源存在提权漏洞。远程攻击者可借助‘at’参数利用该漏洞向磁盘中写入文件,执行代码。以下版本受到影响:Atlassian Bitbucket Server 5.1.0版本至5.1.7版本(不包括5.1.7版本),5.2.0版本至5.2.5
CVSS Information
N/A
Vulnerability Type
N/A