Lucene search
+L

4 matches found

nvd
nvd
added 2017/06/14 8:29 p.m.27 views

CVE-2017-8907

Atlassian Bamboo 5.x before 5.15.7 and 6.x before 6.0.1 did not correctly check if a user creating a deployment project had the edit permission and therefore the rights to do so. An attacker who can login to Bamboo as a user without the edit permission for deployment projects is able to use this...

8.8CVSS8.8AI score0.01638EPSS
Exploits1References2
cve
cve
added 2017/06/14 8:0 p.m.59 views

CVE-2017-8907

Atlassian Bamboo 5.x before 5.15.7 and 6.x before 6.0.1 are affected by CVE-2017-8907 due to an improper permission check for deployment projects. An authenticated attacker who can log in as a user without edit permission (and with an existing green build plan) can create a deployment project and...

8.8CVSS8.8AI score0.01638EPSS
Exploits1References2Affected Software1
atlassian
atlassian
added 2017/05/23 4:7 a.m.121 views

Incorrect permission check for deployment projects (CVE-2017-8907)

Bamboo did not correctly check if a user creating a deployment project had the edit permission and therefore the rights to do so. An attacker who can login to Bamboo as a user without the edit permission for deployment projects is able to use this vulnerability, provided there is an existing plan...

8.8CVSS2.4AI score0.01638EPSS
Exploits1Affected Software1
atlassian
atlassian
added 2017/05/23 4:7 a.m.43 views

Incorrect permission check for deployment projects (CVE-2017-8907)

Bamboo did not correctly check if a user creating a deployment project had the edit permission and therefore the rights to do so. An attacker who can login to Bamboo as a user without the edit permission for deployment projects is able to use this vulnerability, provided there is an existing plan...

8.8CVSS2.4AI score0.01638EPSS
Exploits1
Rows per page
Query Builder