Vulnerability in Atlassian Bitbucket Data Center

CVE-2020-36233

The Microsoft Windows Installer for Atlassian Bitbucket Server and Data Center before version 6.10.9, 7.x before 7.6.4, and from version 7.7.0 before 7.10.1 allows local attackers to escalate privileges because of weak permissions on the i…

EPSS: 0.000 (11.8th percentile) — read the EPSS interpretation.

Affected products

Atlassian Bitbucket Data Center — versions unspecified, 7.0.0, 7.7.0
Atlassian Bitbucket Server — versions unspecified, 7.0.0, 7.7.0

References

jira.atlassian.com/browse/BSERV-12753 (x_refsource_MISC)
VU#240785 (third-party-advisory, x_refsource_CERT-VN)