Bamboo@5.1 Security Vulnerabilities and Issues — Bamboo@5.1 CVE List

Lucene search

AtlassianBamboo5.1

4 matches found

CVE•added 2016/02/08 7:59 p.m.•49 views

CVE-2015-8360

An unspecified resource in Atlassian Bamboo before 5.9.9 and 5.10.x before 5.10.0 allows remote attackers to execute arbitrary Java code via serialized data to the JMS port.

9.8CVSS9.7AI score0.01194EPSS

CVE•added 2017/06/14 8:29 p.m.•46 views

CVE-2017-8907

Atlassian Bamboo 5.x before 5.15.7 and 6.x before 6.0.1 did not correctly check if a user creating a deployment project had the edit permission and therefore the rights to do so. An attacker who can login to Bamboo as a user without the edit permission for deployment projects is able to use this vu...

8.8CVSS8.8AI score0.00853EPSS

CVE•added 2016/02/08 7:59 p.m.•44 views

CVE-2015-8361

Multiple unspecified services in Atlassian Bamboo before 5.9.9 and 5.10.x before 5.10.0 do not require authentication, which allows remote attackers to obtain sensitive information, modify settings, or manage build agents via unknown vectors involving the JMS port.

9.1CVSS9.1AI score0.00524EPSS

CVE•added 2016/02/08 7:59 p.m.•41 views

CVE-2014-9757

The Ignite Realtime Smack XMPP API, as used in Atlassian Bamboo before 5.9.9 and 5.10.x before 5.10.0, allows remote configured XMPP servers to execute arbitrary Java code via serialized data in an XMPP message.

9.8CVSS9.6AI score0.00778EPSS