admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-31 10:41:19 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2020/CVE-2020-362xx/CVE-2020-36233.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

140 lines
4.2 KiB
JSON
Raw Blame History

{
"id": "CVE-2020-36233",
"sourceIdentifier": "security@atlassian.com",
"published": "2021-02-18T20:15:12.587",
"lastModified": "2021-02-24T19:30:13.527",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Microsoft Windows Installer for Atlassian Bitbucket Server and Data Center before version 6.10.9, 7.x before 7.6.4, and from version 7.7.0 before 7.10.1 allows local attackers to escalate privileges because of weak permissions on the installation directory."
},
{
"lang": "es",
"value": "El Microsoft Windows Installer para Atlassian Bitbucket Server y Data Center versiones anteriores a 6.10.9, versiones 7.x anteriores a 7.6.4 y desde versi\u00f3n 7.7.0 versiones anteriores a 7.10.1, permite a los atacantes locales escalar privilegios debido a permisos d\u00e9biles en el directorio de instalaci\u00f3n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"accessVector": "LOCAL",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:bitbucket:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.10.9",
"matchCriteriaId": "8494F78A-D66A-406E-B395-9DB33C290A84"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:bitbucket:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.0.0",
"versionEndExcluding": "7.6.4",
"matchCriteriaId": "8E4BCCD6-7814-47FE-8294-AFA009FE2031"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:bitbucket:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.7.0",
"versionEndExcluding": "7.10.1",
"matchCriteriaId": "742F96A9-980E-463E-AB11-4347389DEC13"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://jira.atlassian.com/browse/BSERV-12753",
"source": "security@atlassian.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://www.kb.cert.org/vuls/id/240785",
"source": "security@atlassian.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink