High severity7.5NVD Advisory· Published Feb 15, 2018· Updated Jun 17, 2026
CVE-2017-18087
CVE-2017-18087
Description
The download commit resource in Atlassian Bitbucket Server from version 5.1.0 before version 5.1.7, from version 5.2.0 before version 5.2.5, from version 5.3.0 before version 5.3.3 and from version 5.4.0 before version 5.4.1 allows remote attackers to write files to disk potentially allowing them to gain code execution, exploit CVE-2017-1000117 if a vulnerable version of git is in use, and or determine if an internal service exists via an argument injection vulnerability in the at parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
25.1.0 < 5.1.7, 5.2.0 < 5.2.5, 5.3.0 < 5.3.3, 5.4.0 < 5.4.1+ 1 more
- (no CPE)range: 5.1.0 < 5.1.7, 5.2.0 < 5.2.5, 5.3.0 < 5.3.3, 5.4.0 < 5.4.1
- (no CPE)range: from 5.1.0 prior to 5.1.7
Patches
Vulnerability mechanics
References
2- www.securityfocus.com/bid/103038nvdThird Party AdvisoryVDB Entry
- jira.atlassian.com/browse/BSERV-10593nvdVendor Advisory
News mentions
0No linked articles in our index yet.