{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-02T09:57:17.612","vulnerabilities":[{"cve":{"id":"CVE-2018-5225","sourceIdentifier":"security@atlassian.com","published":"2018-03-22T13:29:00.810","lastModified":"2024-11-21T04:08:22.477","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In browser editing in Atlassian Bitbucket Server from version 4.13.0 before 5.4.8 (the fixed version for 4.13.0 through 5.4.7), 5.5.0 before 5.5.8 (the fixed version for 5.5.x), 5.6.0 before 5.6.5 (the fixed version for 5.6.x), 5.7.0 before 5.7.3 (the fixed version for 5.7.x), and 5.8.0 before 5.8.2 (the fixed version for 5.8.x), allows authenticated users to gain remote code execution using the in browser editing feature via editing a symbolic link within a repository."},{"lang":"es","value":"La edición en navegador de Atlassian Bitbucket Server, en versiones 4.13.0 anteriores a la 5.4.8 (la versión solucionada de la versión 4.13.0 hasta la 5.4.7), versiones 5.5.0 anteriores a la 5.5.8 (la versión solucionada de las versiones 5.5.x), versiones 5.6.0 anteriores a la 5.6.5 (la versión solucionada de las versiones 5.6.x), versiones 5.7.0 anteriores a la 5.7.3 (la versión solucionada de las versiones 5.7.x) y versiones 5.8.0 anteriores a la 5.8.2 (la versión solucionada para 5.8.x), permite que usuarios autenticados obtengan ejecución remota de código mediante la característica de edición en navegador editando un enlace simbólico en un repositorio."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":9.9,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.1,"impactScore":6.0}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-59"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:atlassian:bitbucket:*:*:*:*:*:*:*:*","versionStartIncluding":"4.13.0","versionEndExcluding":"5.4.8","matchCriteriaId":"DBD82B36-AC2E-4658-AF54-08AD80ADC204"},{"vulnerable":true,"criteria":"cpe:2.3:a:atlassian:bitbucket:*:*:*:*:*:*:*:*","versionStartExcluding":"5.5.0","versionEndExcluding":"5.5.8","matchCriteriaId":"5851BBBD-A981-4EDF-908D-26777D56BC28"},{"vulnerable":true,"criteria":"cpe:2.3:a:atlassian:bitbucket:*:*:*:*:*:*:*:*","versionStartIncluding":"5.6.0","versionEndExcluding":"5.6.5","matchCriteriaId":"C297270E-797B-41F7-8C38-6CBE70F5F576"},{"vulnerable":true,"criteria":"cpe:2.3:a:atlassian:bitbucket:*:*:*:*:*:*:*:*","versionStartIncluding":"5.7.0","versionEndExcluding":"5.7.3","matchCriteriaId":"DEEE37C3-D9F9-45C6-BB6F-FF1D4BDC7753"},{"vulnerable":true,"criteria":"cpe:2.3:a:atlassian:bitbucket:*:*:*:*:*:*:*:*","versionStartIncluding":"5.8.0","versionEndExcluding":"5.8.2","matchCriteriaId":"B61465FD-C06C-48A7-BF01-5AAA5C690546"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/103488","source":"security@atlassian.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://confluence.atlassian.com/x/3WNsO","source":"security@atlassian.com","tags":["Vendor Advisory"]},{"url":"https://jira.atlassian.com/browse/BSERV-10684","source":"security@atlassian.com","tags":["Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/103488","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://confluence.atlassian.com/x/3WNsO","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://jira.atlassian.com/browse/BSERV-10684","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}