CVE-2020-4019

Summary

The file editing functionality in the Atlassian Companion App before version 1.0.0 allows local attackers to have the app run a different executable in place of the app's cmd.exe via a untrusted search path vulnerability.

Affected Software

VendorProductVersion RangeStatus
AtlassianCompanion Appunspecified < 1.0.0affected

Weaknesses

  • Untrusted Search Path

ADP Enrichment

CVE Program Container

Additional References

References