[CONFSERVER-59734] Untrusted Search Path in Content - Edit Files / Companion - CVE-2020-4019 - Create and track feature requests for Atlassian products.

Type: Bug
Resolution: Fixed
Priority: Low
Fix Version/s: Companion-1.0.0
Affects Version/s: Companion-Legacy
Component/s: Content - Edit Files / Companion
Labels:

Symptom Severity:
Severity 2 - Major
Bug Fix Policy:
View Atlassian Server bug fix policy

The file editing functionality in the Atlassian Companion App before version 1.0.0 allows local attackers to have the app run a different executable in place of the app's cmd.exe via a untrusted search path vulnerability.

Acknowledgements

Credit for finding this vulnerability goes to Johannes Hatting (UFST).

Tobias Heinemann added a comment - 04/May/2020 5:54 AM

What is this? A major security bug and no advisory? Are we on the save side after upgrading to Confluence 6.13.10 due to ~~CONFSERVER-59244~~? Is disabling Atlassian Companion using the dark feature resolving this issue too?

Tobias Heinemann added a comment - 04/May/2020 5:54 AM What is this? A major security bug and no advisory? Are we on the save side after upgrading to Confluence 6.13.10 due to CONFSERVER-59244 ? Is disabling Atlassian Companion using the dark feature resolving this issue too?

Security Metrics Bot added a comment - 16/Apr/2020 9:16 PM

This is an independent assessment and you should evaluate its applicability to your own IT environment.
CVSS v3 score: 8.4 => High severity

Exploitability Metrics

Attack Vector	Network
Attack Complexity	Low
Privileges Required	High
User Interaction	Required

Scope Metric

Scope	Changed

Impact Metrics

Confidentiality	High
Integrity	High
Availability	High

https://asecurityteam.bitbucket.io/cvss_v3/#CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H

Security Metrics Bot added a comment - 16/Apr/2020 9:16 PM This is an independent assessment and you should evaluate its applicability to your own IT environment. CVSS v3 score: 8.4 => High severity Exploitability Metrics Attack Vector Network Attack Complexity Low Privileges Required High User Interaction Required Scope Metric Scope Changed Impact Metrics Confidentiality High Integrity High Availability High https://asecurityteam.bitbucket.io/cvss_v3/#CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H

Assignee:: Unassigned

Reporter:: Security Metrics Bot

Affected customers:: 0 This affects my team

Watchers:: 1 Start watching this issue

Created:: 16/Apr/2020 9:16 PM

Updated:: 21/Jun/2020 11:50 PM

Resolved:: 16/Apr/2020 11:10 PM

Details

Description

Acknowledgements

Attachments

Forms

Activity

[CONFSERVER-59734] Untrusted Search Path in Content - Edit Files / Companion - CVE-2020-4019

Collapse comment: Tobias Heinemann added a comment - 04/May/2020 5:54 AM

Expand comment: Tobias Heinemann added a comment - 04/May/2020 5:54 AM

Collapse comment: Security Metrics Bot added a comment - 16/Apr/2020 9:16 PM

Expand comment: Security Metrics Bot added a comment - 16/Apr/2020 9:16 PM

People

Dates