CVE-2017-18080

2018-02-0200:00:00

atlassian

www.cve.org

8.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

48.7%

JSON

The saveConfigureSecurity resource in Atlassian Bamboo before version 6.3.1 allows remote attackers to modify security settings via a Cross-site request forgery (CSRF) vulnerability.

CNA Affected

[
  {
    "product": "Bamboo",
    "vendor": "Atlassian",
    "versions": [
      {
        "status": "affected",
        "version": "prior to 6.3.1"
      }
    ]
  }
]

References

jira.atlassian.com/browse/BAM-19664