Search...

CVE-2015-8361

2016-02-08T19:59:00

ID CVE-2015-8361
Type cve
Reporter cve@mitre.org
Modified 2018-10-09T19:58:00

Description

Multiple unspecified services in Atlassian Bamboo before 5.9.9 and 5.10.x before 5.10.0 do not require authentication, which allows remote attackers to obtain sensitive information, modify settings, or manage build agents via unknown vectors involving the JMS port.

JSON Vulners Source

Initial Source

{"id": "CVE-2015-8361", "bulletinFamily": "NVD", "title": "CVE-2015-8361", "description": "Multiple unspecified services in Atlassian Bamboo before 5.9.9 and 5.10.x before 5.10.0 do not require authentication, which allows remote attackers to obtain sensitive information, modify settings, or manage build agents via unknown vectors involving the JMS port.", "published": "2016-02-08T19:59:00", "modified": "2018-10-09T19:58:00", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8361", "reporter": "cve@mitre.org", "references": ["https://confluence.atlassian.com/bamboo/bamboo-security-advisory-2016-01-20-794376535.html", "http://www.securityfocus.com/archive/1/537347/100/0/threaded", "https://jira.atlassian.com/browse/BAM-17102", "http://packetstormsecurity.com/files/135352/Bamboo-Deserialization-Missing-Authentication-Checks.html"], "cvelist": ["CVE-2015-8361"], "type": "cve", "lastseen": "2021-02-02T06:21:30", "edition": 4, "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "atlassian", "idList": ["ATLASSIAN:BAM-17102", "ATLASSIAN:BAM-17099"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310807266"]}], "modified": "2021-02-02T06:21:30", "rev": 2}, "score": {"value": 5.1, "vector": "NONE", "modified": "2021-02-02T06:21:30", "rev": 2}, "vulnersScore": 5.1}, "cpe": ["cpe:/a:atlassian:bamboo:3.4.4", "cpe:/a:atlassian:bamboo:4.1.1", "cpe:/a:atlassian:bamboo:2.7.1", "cpe:/a:atlassian:bamboo:2.7.4", "cpe:/a:atlassian:bamboo:3.0.1", "cpe:/a:atlassian:bamboo:4.1.2", "cpe:/a:atlassian:bamboo:4.3.4", "cpe:/a:atlassian:bamboo:5.8.1", "cpe:/a:atlassian:bamboo:2.5.3", "cpe:/a:atlassian:bamboo:4.3.1", "cpe:/a:atlassian:bamboo:5.9.1", "cpe:/a:atlassian:bamboo:2.6.3", "cpe:/a:atlassian:bamboo:5.2.2", "cpe:/a:atlassian:bamboo:2.5.2", "cpe:/a:atlassian:bamboo:3.0.2", "cpe:/a:atlassian:bamboo:5.1", "cpe:/a:atlassian:bamboo:2.7.3", "cpe:/a:atlassian:bamboo:5.4.1", "cpe:/a:atlassian:bamboo:4.3.2", "cpe:/a:atlassian:bamboo:4.4", "cpe:/a:atlassian:bamboo:3.2", "cpe:/a:atlassian:bamboo:5.4.2", "cpe:/a:atlassian:bamboo:5.0", "cpe:/a:atlassian:bamboo:5.8.5", "cpe:/a:atlassian:bamboo:5.9.7", "cpe:/a:atlassian:bamboo:5.2", "cpe:/a:atlassian:bamboo:3.3.1", "cpe:/a:atlassian:bamboo:3.4.5", "cpe:/a:atlassian:bamboo:4.3.3", "cpe:/a:atlassian:bamboo:5.3", "cpe:/a:atlassian:bamboo:3.1.4", "cpe:/a:atlassian:bamboo:3.4.1", "cpe:/a:atlassian:bamboo:2.5", "cpe:/a:atlassian:bamboo:2.5.1", "cpe:/a:atlassian:bamboo:5.9.2", "cpe:/a:atlassian:bamboo:3.1", "cpe:/a:atlassian:bamboo:5.5", "cpe:/a:atlassian:bamboo:2.7.2", "cpe:/a:atlassian:bamboo:3.3.2", "cpe:/a:atlassian:bamboo:4.3", "cpe:/a:atlassian:bamboo:3.0.3", "cpe:/a:atlassian:bamboo:4.4.3", "cpe:/a:atlassian:bamboo:2.4.3", "cpe:/a:atlassian:bamboo:4.4.8", "cpe:/a:atlassian:bamboo:4.1", "cpe:/a:atlassian:bamboo:4.2.1", "cpe:/a:atlassian:bamboo:5.4", "cpe:/a:atlassian:bamboo:5.9", "cpe:/a:atlassian:bamboo:5.8", "cpe:/a:atlassian:bamboo:5.7", "cpe:/a:atlassian:bamboo:3.4.2", "cpe:/a:atlassian:bamboo:4.4.2", "cpe:/a:atlassian:bamboo:5.1.1", "cpe:/a:atlassian:bamboo:5.6.1", "cpe:/a:atlassian:bamboo:4.4.4", "cpe:/a:atlassian:bamboo:5.2.1", "cpe:/a:atlassian:bamboo:2.5.5", "cpe:/a:atlassian:bamboo:2.6", "cpe:/a:atlassian:bamboo:5.6", "cpe:/a:atlassian:bamboo:3.2.2", "cpe:/a:atlassian:bamboo:3.3", "cpe:/a:atlassian:bamboo:4.4.5", "cpe:/a:atlassian:bamboo:5.7.2", "cpe:/a:atlassian:bamboo:2.6.1", "cpe:/a:atlassian:bamboo:4.2", "cpe:/a:atlassian:bamboo:5.0.1", "cpe:/a:atlassian:bamboo:3.1.1", "cpe:/a:atlassian:bamboo:2.4.2", "cpe:/a:atlassian:bamboo:5.6.2", "cpe:/a:atlassian:bamboo:5.9.3", "cpe:/a:atlassian:bamboo:2.4.1", "cpe:/a:atlassian:bamboo:2.6.2", "cpe:/a:atlassian:bamboo:4.4.1", "cpe:/a:atlassian:bamboo:2.7", "cpe:/a:atlassian:bamboo:4.0.1", "cpe:/a:atlassian:bamboo:5.8.2", "cpe:/a:atlassian:bamboo:3.4.3", "cpe:/a:atlassian:bamboo:3.0", "cpe:/a:atlassian:bamboo:3.3.3", "cpe:/a:atlassian:bamboo:5.9.4", "cpe:/a:atlassian:bamboo:3.4", "cpe:/a:atlassian:bamboo:4.0", "cpe:/a:atlassian:bamboo:2.4", "cpe:/a:atlassian:bamboo:3.1.3", "cpe:/a:atlassian:bamboo:5.7.1", "cpe:/a:atlassian:bamboo:3.3.4"], "affectedSoftware": [{"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "5.1"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "3.4.5"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "4.4.2"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "3.4"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "2.4"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "5.7"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "3.0.2"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "3.3"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "2.4.3"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "4.4.5"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "4.4"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "4.3.1"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "5.9.3"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "2.5"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "5.8.1"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "2.7.1"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "3.3.4"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "2.6.1"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "5.9.1"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "3.2.2"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "5.9.4"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "4.4.8"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "2.7.3"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "5.9.2"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "5.7.1"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "2.6"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "3.4.1"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "3.1.1"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "5.7.2"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "5.4.1"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "3.0.3"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "2.7.2"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "5.5"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "5.2"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "5.9"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "3.0"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "4.3.2"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "2.6.2"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "2.4.2"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "5.6"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "5.0.1"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "5.0"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "5.0"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "5.0"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "5.0"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "5.0"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "5.8.5"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "2.5.5"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "5.9.7"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "5.2.1"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "5.8.2"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "2.7"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "4.3.4"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "3.4.4"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "3.3.3"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "4.1.2"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "5.1.1"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "4.4.3"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "5.8"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "4.0"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "2.5.3"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "4.0.1"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "3.1.3"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "3.2"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "2.6.3"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "2.5.2"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "4.4.1"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "3.3.1"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "4.1"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "2.7.4"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "5.3"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "5.6.2"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "4.1.1"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "4.3.3"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "5.4.2"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "4.3"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "3.3.2"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "5.2.2"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "3.4.2"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "3.0.1"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "4.2"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "5.4"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "4.4.4"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "2.5.1"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "4.2.1"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "3.1.4"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "2.4.1"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "3.4.3"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "3.1"}, {"cpeName": "atlassian:bamboo", "name": "atlassian bamboo", "operator": "eq", "version": "5.6.1"}], "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM"}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.2}, "cpe23": ["cpe:2.3:a:atlassian:bamboo:5.9.1:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:4.4:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:5.9.3:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:2.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:2.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:5.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:5.7:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:5.9.7:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:2.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:2.7.4:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:5.4:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:5.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:5.8.2:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:3.4:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:4.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:2.6:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:2.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:5.6:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:2.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:3.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:5.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:2.4:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:4.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:2.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:3.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:4.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:3.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:3.3:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:5.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:5.9.2:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:5.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:5.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:2.7:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:4.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:4.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:3.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:5.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:5.8.5:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:5.9:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:2.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:3.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:5.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:5.5:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:5.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:4.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:2.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:5.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:2.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:4.1:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:3.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:4.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:4.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:2.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:3.2:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:2.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:3.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:2.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:5.1:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:5.3:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:5.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:4.3:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:3.1:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:3.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:5.9.4:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:4.2:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:4.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:3.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:4.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:2.5:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:5.0:beta3:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:5.0:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:2.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:4.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:4.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:5.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:5.2:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:5.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:5.8:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:5.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:atlassian:bamboo:4.4.5:*:*:*:*:*:*:*"], "cwe": ["CWE-284"], "scheme": null, "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:5.9.7:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:3.1.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:2.5.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:3.0.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:4.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:2.7.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:3.2.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:5.8.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:4.1.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:2.5:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:3.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:2.6:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:2.7.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:5.0:beta2:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:3.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:3.3.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:5.2.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:3.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:2.6.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:4.3.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:2.6.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:3.4.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:5.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:4.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:3.4.5:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:5.4.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:5.4.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:5.0.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:2.7:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:5.6.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:5.1.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:5.2.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:5.0:rc1:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:2.5.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:5.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:5.5:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:4.4.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:5.6.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:4.4.5:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:5.8:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:3.4.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:5.6:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:5.9:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:5.0:beta1:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:5.9.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:5.9.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:4.0.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:3.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:2.5.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:5.7:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:3.4.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:5.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:4.4.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:3.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:4.3.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:3.0.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:2.7.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:3.3.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:4.4.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:5.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:5.9.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:2.4.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:4.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:5.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:4.3.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:3.1.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:3.3.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:2.7.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:2.6.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:5.9.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:4.4.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:2.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:4.3.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:5.7.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:5.8.5:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:4.4.8:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:3.4.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:5.0:beta3:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:4.1.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:2.4.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:4.2.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:5.7.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:3.0.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:3.3.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:2.4.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:5.8.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:4.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:2.5.5:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:4.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:atlassian:bamboo:3.1.4:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}, "extraReferences": [{"name": "https://jira.atlassian.com/browse/BAM-17102", "refsource": "CONFIRM", "tags": ["Patch", "Vendor Advisory"], "url": "https://jira.atlassian.com/browse/BAM-17102"}, {"name": "http://packetstormsecurity.com/files/135352/Bamboo-Deserialization-Missing-Authentication-Checks.html", "refsource": "MISC", "tags": [], "url": "http://packetstormsecurity.com/files/135352/Bamboo-Deserialization-Missing-Authentication-Checks.html"}, {"name": "https://confluence.atlassian.com/bamboo/bamboo-security-advisory-2016-01-20-794376535.html", "refsource": "CONFIRM", "tags": ["Vendor Advisory"], "url": "https://confluence.atlassian.com/bamboo/bamboo-security-advisory-2016-01-20-794376535.html"}, {"name": "20160122 January 2016 - Bamboo - Critical Security Advisory", "refsource": "BUGTRAQ", "tags": [], "url": "http://www.securityfocus.com/archive/1/537347/100/0/threaded"}], "immutableFields": []}

{"atlassian": [{"lastseen": "2020-12-24T14:35:21", "bulletinFamily": "software", "cvelist": ["CVE-2014-9757", "CVE-2015-8361"], "description": "*Bamboo* exposed services without first performing authentication checks. Attackers can use this vulnerability to extract confidential information from *Bamboo*, modify certain settings and manage build agents. To exploit this issue, attackers need to be able to access the *Bamboo* JMS port.\r\n\r\n*Affected versions:*\r\n* All versions of Bamboo from 2.4 before 5.9.9 (the fixed version for 5.9.x) are affected by this vulnerability.\r\n\r\n\\\\\r\n*Fix:*\r\n* Bamboo 5.10.0 is available for download from https://www.atlassian.com/software/bamboo/download.\r\n* Bamboo 5.9.9 is available for download from https://www.atlassian.com/software/bamboo/download-archives.\r\n\r\n\\\\\r\nFor additional details see the [full advisory|https://confluence.atlassian.com/x/VzlZLw].", "edition": 7, "modified": "2019-11-13T23:55:53", "published": "2016-01-12T03:59:40", "id": "ATLASSIAN:BAM-17102", "href": "https://jira.atlassian.com/browse/BAM-17102", "title": "CVE-2015-8361: Services exposed without authentication Vulnerability", "type": "atlassian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-24T14:35:29", "bulletinFamily": "software", "cvelist": ["CVE-2014-9757", "CVE-2015-8360", "CVE-2015-8361"], "description": "*Bamboo* used an old version of the Smack XMPP library that deserialises messages received from XMPP. Attackers can use this vulnerability to execute Java code of their choice on systems that have a vulnerable version of *Bamboo* if a XMPP connection has been configured. To exploit this issue, *Bamboo* attackers need to be able to modify XMPP messages destined to *Bamboo* from a configured XMPP server.\r\n\r\n*Affected versions:*\r\n* All versions of *Bamboo* from 2.4 before 5.9.9 (the fixed version for 5.9.x) are affected by this vulnerability. \r\n\r\n\\\\\r\n*Fix:*\r\n* Bamboo 5.10.0 is available for download from https://www.atlassian.com/software/bamboo/download.\r\n* Bamboo 5.9.9 is available for download from https://www.atlassian.com/software/bamboo/download-archives.\r\n\r\n\\\\\r\nFor additional details see the [full advisory|https://confluence.atlassian.com/x/VzlZLw].", "edition": 7, "modified": "2019-11-13T23:54:08", "published": "2016-01-12T03:54:52", "id": "ATLASSIAN:BAM-17099", "href": "https://jira.atlassian.com/browse/BAM-17099", "title": "CVE-2014-9757: Deserialisation Through Smack Resulting in Remote Code Execution Vulnerability", "type": "atlassian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2019-05-29T18:35:52", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-9757", "CVE-2015-8361"], "description": "The host is installed with Atlassian Bamboo\n and is prone to multiple vulnerabilities.", "modified": "2018-10-17T00:00:00", "published": "2016-02-19T00:00:00", "id": "OPENVAS:1361412562310807266", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807266", "type": "openvas", "title": "Atlassian Bamboo Multiple Vulnerabilities Feb16", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_atlassian_bamboo_mult_vuln.nasl 11938 2018-10-17 10:08:39Z asteins $\n#\n# Atlassian Bamboo Multiple Vulnerabilities Feb16\n#\n# Authors:\n# Tushar Khelge <ktushar@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n##############################################################################\n\nCPE = \"cpe:/a:atlassian:bamboo\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807266\");\n script_version(\"$Revision: 11938 $\");\n script_cve_id(\"CVE-2015-8361\", \"CVE-2014-9757\");\n script_bugtraq_id(83104, 83107);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-17 12:08:39 +0200 (Wed, 17 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-02-19 10:03:11 +0530 (Fri, 19 Feb 2016)\");\n script_name(\"Atlassian Bamboo Multiple Vulnerabilities Feb16\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Atlassian Bamboo\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - The Ignite Realtime Smack XMPP API does not validate serialized data\n in an XMPP message.\n\n - The multiple unspecified services do not require authentication.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to execute arbitrary java code, and to obtain sensitive information,\n modify settings, or manage build agents.\");\n\n script_tag(name:\"affected\", value:\"Atlassian Bamboo 2.4 through 5.9.9\");\n\n script_tag(name:\"solution\", value:\"Upgrade to version 5.9.9 or later\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_xref(name:\"URL\", value:\"https://jira.atlassian.com/browse/BAM-17102\");\n script_xref(name:\"URL\", value:\"https://jira.atlassian.com/browse/BAM-17099\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_atlassian_bamboo_detect.nasl\");\n script_mandatory_keys(\"AtlassianBamboo/Installed\");\n script_xref(name:\"URL\", value:\"https://www.atlassian.com/software/bamboo\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!bambooPort = get_app_port(cpe:CPE)){\n exit(0);\n}\n\nif(!bambooVer = get_app_version(cpe:CPE, port:bambooPort)){\n exit(0);\n}\n\nif(version_in_range(version:bambooVer, test_version:\"2.4\", test_version2:\"5.9.8\"))\n{\n report = report_fixed_ver(installed_version:bambooVer, fixed_version:\"5.9.9\");\n security_message(data:report, port:bambooPort);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}