cve-2014-9757
Vulnerability from cvelistv5
Published
2016-02-08 19:00
Modified
2024-08-06 13:55
Severity ?
EPSS score ?
Summary
The Ignite Realtime Smack XMPP API, as used in Atlassian Bamboo before 5.9.9 and 5.10.x before 5.10.0, allows remote configured XMPP servers to execute arbitrary Java code via serialized data in an XMPP message.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T13:55:04.539Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20160122 January 2016 - Bamboo - Critical Security Advisory", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/537347/100/0/threaded" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://confluence.atlassian.com/bamboo/bamboo-security-advisory-2016-01-20-794376535.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://jira.atlassian.com/browse/BAM-17099" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/135352/Bamboo-Deserialization-Missing-Authentication-Checks.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-01-20T00:00:00", "descriptions": [ { "lang": "en", "value": "The Ignite Realtime Smack XMPP API, as used in Atlassian Bamboo before 5.9.9 and 5.10.x before 5.10.0, allows remote configured XMPP servers to execute arbitrary Java code via serialized data in an XMPP message." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-09T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20160122 January 2016 - Bamboo - Critical Security Advisory", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/537347/100/0/threaded" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://confluence.atlassian.com/bamboo/bamboo-security-advisory-2016-01-20-794376535.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://jira.atlassian.com/browse/BAM-17099" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/135352/Bamboo-Deserialization-Missing-Authentication-Checks.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-9757", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The Ignite Realtime Smack XMPP API, as used in Atlassian Bamboo before 5.9.9 and 5.10.x before 5.10.0, allows remote configured XMPP servers to execute arbitrary Java code via serialized data in an XMPP message." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20160122 January 2016 - Bamboo - Critical Security Advisory", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/537347/100/0/threaded" }, { "name": "https://confluence.atlassian.com/bamboo/bamboo-security-advisory-2016-01-20-794376535.html", "refsource": "CONFIRM", "url": "https://confluence.atlassian.com/bamboo/bamboo-security-advisory-2016-01-20-794376535.html" }, { "name": "https://jira.atlassian.com/browse/BAM-17099", "refsource": "CONFIRM", "url": "https://jira.atlassian.com/browse/BAM-17099" }, { "name": "http://packetstormsecurity.com/files/135352/Bamboo-Deserialization-Missing-Authentication-Checks.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/135352/Bamboo-Deserialization-Missing-Authentication-Checks.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-9757", "datePublished": "2016-02-08T19:00:00", "dateReserved": "2015-11-25T00:00:00", "dateUpdated": "2024-08-06T13:55:04.539Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2014-9757\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2016-02-08T19:59:00.127\",\"lastModified\":\"2018-10-09T19:55:13.357\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"The Ignite Realtime Smack XMPP API, as used in Atlassian Bamboo before 5.9.9 and 5.10.x before 5.10.0, allows remote configured XMPP servers to execute arbitrary Java code via serialized data in an XMPP message.\"},{\"lang\":\"es\",\"value\":\"La API Ignite Realtime Smack XMPP, como se utiliza en Atlassian Bamboo en versiones anteriores a 5.9.9 y 5.10.x en versiones anteriores a 5.10.0, permite a servidores XMPP remotos configurados ejecutar c\u00f3digo Java arbitrario a trav\u00e9s de datos serializados en un mensaje XMPP.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\",\"baseScore\":7.5},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2764BBDA-4FA2-4FFD-A126-823CB52D0D06\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:2.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"42875600-4DA1-4574-9F9D-0FB8AE61DD10\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:2.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C79631B-6B9F-4FC0-9B12-17CD656A1CD6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:2.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2337D88-9821-4794-B0C8-6FA73BD158C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2F087A2-790D-4D36-82F0-83C6BF504216\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:2.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2162E45E-58ED-43B5-905F-C2E7475E0DB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:2.5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"69BE15C9-542E-4586-8B05-BBE1508266E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:2.5.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C8F7C6B-C6DF-4106-83FA-C8BCB2A0D02A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:2.5.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D461805-C648-420C-9352-64634DC06CF2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:2.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F995A4F3-EDB9-431C-864E-253EACB523A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:2.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B407F0C-D5CA-4D33-A124-CBEC74B5EF5D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:2.6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F1B608F-A264-4FFB-9250-311ECEC065E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:2.6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5259D2D7-ABAE-4024-AA80-77D7F6A2AD21\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:2.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E42A908E-D53D-4A7A-917E-FB66C846CC55\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:2.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F41AEA85-6758-448C-B7AC-87E252380BBB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:2.7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE7F1728-FBE3-4FEF-8CA9-E613D5873FC8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:2.7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5021430D-C84B-4F67-A490-A0D6C87B25D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:2.7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"64083DE3-8072-4CAC-B374-5FF402E048A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A940B1E-3E73-4A3E-912B-BF482776CF5F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:3.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6DB6A4F7-4827-4965-8790-41A60AAD98C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:3.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA69F796-66AC-49BA-BF8C-348E6FDB2176\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:3.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98DE5577-DFD8-42E7-A70A-3402D6386E79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BEA5C7C8-CDD5-4D22-A0B6-F7DEC87CDC9E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:3.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B19625B6-CDBE-485B-BAF1-53ABB770C7B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:3.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"866C3CB4-B8FE-4D22-B130-67139D193B83\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:3.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BD2FA24-8D68-4F31-8F88-A0930A92591B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F3C3168-20E6-41D2-845B-5A661DCF6A21\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:3.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E3BD0EAF-1C94-43A0-9133-9ADD8CAB8F87\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4074958-998F-4333-8C81-45D0A765FB6D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:3.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C5E5257-9004-4874-86A0-A3AB4230CE44\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:3.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F9F3A23-71C8-4F65-A739-26BAAF1D9620\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:3.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2539517E-733A-427A-A0DA-F20E6C8A0A0A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:3.3.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FEE47E00-3496-4E22-9BDC-7BAF77516249\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:3.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B207B5EC-B2F2-4ED2-94B7-20CC15D542B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:3.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"70595742-7AB8-4A9D-94B4-8EADA093DC6F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:3.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD49DEBD-557F-4D65-9DA3-5A4CA0CB014C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:3.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1EE8039C-2F64-4056-AADC-66408FADB090\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:3.4.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36190377-CD45-458D-A533-5D68FC38753F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:3.4.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2A7E6EF-CEF1-4A6A-8C1F-3BA2CF17D9B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F3DF4FF-4C86-4D9F-882C-96482F69F871\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:4.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7760BAB-C6F3-40B4-8A65-0778C91B2481\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D38BBD36-6F5F-44E4-8B74-A1F2E6E9ADE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:4.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"173874C7-0A68-447D-9284-6904BBBA8D86\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:4.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"124E0B33-9C58-4AC9-9064-EE9F29FA56CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"89526493-E441-43A6-9C8B-FF16AFD9060F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:4.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1921815-49AD-474C-8898-614C2209CAEB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0761166B-7FD9-4574-8C13-0336343ADC46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:4.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B13D9DB-83A0-42AE-A665-214A71890ED0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:4.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FF901B9B-49DE-4676-8245-E280CF5A7EFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:4.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A1D8D9B-E39E-4E77-831E-1D417ACEA5C7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:4.3.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"951E6F5B-C905-40F2-B164-647A3E948EAB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:4.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B408EA00-A128-4927-BFBB-AF0B42EABA56\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:4.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B6E80ED-818F-4438-BD2A-AD4847178ABF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:4.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF0876B2-B95C-464B-9479-CEAA9A64E01A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:4.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ABFD011B-EC46-4BFC-AAAB-ABE6612B85E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:4.4.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DCAE8C05-486F-4EC5-B084-2D55331C5EDB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:4.4.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D58EB432-8BFF-4CEC-B46C-695E77E2435C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:4.4.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"103A0455-79B1-4135-9384-C673A2459AEE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"087D5B44-B9A5-480C-9DDA-16132A79E2FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:5.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE87C15D-09B8-4B5A-866F-5C2C8A43FB01\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:5.0:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2A5DB02-607E-4147-86BD-205BF33C8A18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:5.0:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"54646B4B-05D3-4628-980D-D77C4AAF87F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:5.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BFD6A97-95B8-4536-AA16-713D76CAC446\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:5.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9ACEC08-CD6D-4B8F-8A82-A75F925D130B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"352DED96-3E03-48EE-9DF2-0DE73E707845\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:5.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A9E2D3C-D744-4730-83C6-CAFA0C41C916\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA7AC6DD-FE26-4A33-99BC-E3C0B90C1A93\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:5.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"95EB3E57-96E8-42EC-95BE-B14770E450C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:5.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"21BC1141-5BE1-4178-9DD7-B7E3CFA59C82\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:5.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E64CB47F-1D9B-4C2F-BA47-713F886F2E73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:5.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E209CB6F-F792-41D9-BC09-41FF771E3659\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:5.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"650A769F-762F-431F-A6B4-3F4AD97C3A34\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:5.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EEEBC112-E305-4CE6-A935-1D8DBB5A6ED6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:5.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"72284F9F-A0DA-4BED-B2CA-83D525ED4A37\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:5.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8FF3C458-CA8A-4128-BE1C-0AF405D4CC0C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:5.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C76C64DA-FAB9-4E72-9F71-088406451285\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:5.6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3DF61CCA-0502-4DBB-990A-6F602E947C95\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:5.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0F2F76E-8150-4432-96A8-52C1D88C1784\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:5.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A2F5445-4C2E-49BF-8B5F-B4AACE00CC5E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:5.7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"14BAF1A9-0CBF-4B4F-AD8A-7511659D4FA4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:5.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"38CC432B-4F6C-48A9-9781-F721D254EBEF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:5.8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4CE881C-9283-45C3-8982-5887C85C1962\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:5.8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B4DCD084-030A-4CEB-A16E-765B795E17E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:5.8.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E64A9422-8C57-4AA8-A166-1C287C09BA48\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:5.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E44C5F8E-3414-46A8-AC8E-FEF270CBA38E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:5.9.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9027FC28-00AA-4556-AA9F-C9EF816DFD78\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:5.9.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"209C5313-C450-488E-BF5E-531415B8A484\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:5.9.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F42F8BBF-3FEF-4922-ACEF-89899337F574\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:5.9.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CF9AAA21-4223-4643-9E39-8DD3FF850B6C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:atlassian:bamboo:5.9.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F9C45391-347E-4343-8585-58400A219FBB\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/135352/Bamboo-Deserialization-Missing-Authentication-Checks.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/537347/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://confluence.atlassian.com/bamboo/bamboo-security-advisory-2016-01-20-794376535.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://jira.atlassian.com/browse/BAM-17099\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}" } }
Loading...
Loading...
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.