CVE Vulnerabilities for Atlassian Companion
| CVE | Published | Severity | Details | Exploitability | Impact | Vector |
|---|---|---|---|---|---|---|
| CVE‑2023‑22524 | 2023‑12‑06 05:15:10 | CRITICAL (10) | Certain versions of the Atlassian Companion App for MacOS were affected by a remote code execution vulnerability. An attacker could utilize WebSockets to bypass Atlassian Companion’s blocklist and MacOS Gatekeeper to allow execution of code. | 4 | 6 | NETWORK |
| CVE‑2020‑4020 | 2020‑06‑01 07:15:11 | HIGH (7) | The file downloading functionality in the Atlassian Companion App before version 1.0.0 allows remote attackers, who control a Confluence Server instance that the Companion App is connected to, execute arbitrary .exe files via a Protection Mechanism Failure. | 1 | 6 | NETWORK |
| CVE‑2020‑4019 | 2020‑06‑01 07:15:11 | HIGH (8) | The file editing functionality in the Atlassian Companion App before version 1.0.0 allows local attackers to have the app run a different executable in place of the app's cmd.exe via a untrusted search path vulnerability. | 2 | 6 | LOCAL |
View OS-specific patching for:
Windows Mac Linux
Logos, products, trade names, and company names are all the property of their respective trademark holders.
The above listing includes products that Lavawall® monitors through public information and/or proprietary statistical analysis.
Although we do have a partner relationship with some of the listed products and companies, they do not necessarily endorse Lavawall® or have integrations with our systems.