2 matches found
CVE-2015-4136
The CVE-2015-4136 entry is supported by Atlassian advisories BAM-16023 (and BAM-16023 cross‑references) describing a vulnerability in Bamboo 5.8.0/5.8.1 where the Windows Stock Image (Windows Server 2012 R2) AMI included a publicly known password for the ‘bamboo’ user. This allowed SSH access to ...
CVE-2015-4136: SSH Authorisation permitted for a user with hard-coded credentials in Windows Stock Image (Windows Server 2012 R2) AMI
In Bamboo 5.8.0 and 5.8.1 the Windows Stock Image Windows Server 2012 R2 AMI contain a 'bamboo' user which is configured with a publicly known password. While the 'bamboo' user is not allowed RDP access it was permitted to login through SSH on instances using the affected AMI. In the event that a...