2 matches found
CVE-2020-4019
CVE-2020-4019 affects the Atlassian Companion App prior to version 1.0.0. The issue is an untrusted search path vulnerability that allows a local attacker to cause the app to execute a different executable in place of cmd.exe. This is a local, user-interaction-free vector per the NVD entry, with ...
Untrusted Search Path in Content - Edit Files / Companion - CVE-2020-4019
The file editing functionality in the Atlassian Companion App before version 1.0.0 allows local attackers to have the app run a different executable in place of the app's cmd.exe via a untrusted search path vulnerability. h5. Acknowledgements Credit for finding this vulnerability goes to Johannes...