Details
-
Type:
Public Security Vulnerability
-
Status: Published (View Workflow)
-
Priority:
Low
-
Resolution: Fixed
-
Affects Version/s: 6.10.0, 7.8.0
-
Component/s: Security - Other
-
Symptom Severity:Severity 1 - Critical
-
CVSS Score:7.8
Description
Issue Summary
Atlassian Bitbucket on Windows fails to properly set ACLs on its installation directory. Because Bitbucket installs High-privileged services, this allows for multiple privilege escalation vulnerability possibilities.
Affected Versions
The following versions are only affected on Windows:
- All versions < 6.10.9
- 7.x < 7.6.4
- 7.7.x
- 7.8.x
- 7.9.x
- 7.10.0
Fixed Versions
- 6.10.9 (Long Term Support release)
- 7.6.4 (Long Term Support release)
- 7.10.1
Attachments
Issue Links
- relates to
-
VULN-229700 Loading...