First published: Tue Feb 16 2021(Updated: )
The Microsoft Windows Installer for Atlassian Bitbucket Server and Data Center before version 6.10.9, 7.x before 7.6.4, and from version 7.7.0 before 7.10.1 allows local attackers to escalate privileges because of weak permissions on the installation directory.
Credit: security@atlassian.com
Affected Software | Affected Version | How to fix |
---|---|---|
Atlassian Bitbucket | <6.10.9 | |
Atlassian Bitbucket | >=7.0.0<7.6.4 | |
Atlassian Bitbucket | >=7.7.0<7.10.1 | |
Microsoft Windows |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-36233 is a vulnerability in the Microsoft Windows Installer for Atlassian Bitbucket Server and Data Center.
CVE-2020-36233 has a severity rating of 7.8 (high).
CVE-2020-36233 allows local attackers to escalate privileges due to weak permissions on the installation directory.
Atlassian Bitbucket versions 6.10.9, 7.x before 7.6.4, and from 7.7.0 before 7.10.1 are affected by CVE-2020-36233.
No, Microsoft Windows is not vulnerable to CVE-2020-36233.