Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistAtlassianCVELIST:CVE-2017-9514
HistoryOct 12, 2017 - 1:00 p.m.

CVE-2017-9514

2017-10-1213:00:00
atlassian
www.cve.org
4

AI Score

8.8

Confidence

High

EPSS

0.001

Percentile

40.3%

JSON

Bamboo before 6.0.5, 6.1.x before 6.1.4, and 6.2.x before 6.2.1 had a REST endpoint that parsed a YAML file and did not sufficiently restrict which classes could be loaded. An attacker who can log in to Bamboo as a user is able to exploit this vulnerability to execute Java code of their choice on systems that have vulnerable versions of Bamboo.

CNA Affected

[
  {
    "product": "Bamboo",
    "vendor": "Atlassian",
    "versions": [
      {
        "status": "affected",
        "version": "from 6.0.0 before 6.0.5"
      },
      {
        "status": "affected",
        "version": "from 6.1.0 before 6.1.4"
      },
      {
        "status": "affected",
        "version": "from 6.2.0 before 6.2.1"
      }
    ]
  }
]

Related

prion 1
cve 1
nvd 1
openvas 1
zdt 1
prion
prion
Code injection
2017-10-12 13:29:00
cve
cve
CVE-2017-9514
2017-10-12 13:29:00
nvd
nvd
CVE-2017-9514
2017-10-12 13:29:00
openvas
openvas
Atlassian Bamboo RCE Vulnerability
2017-12-14 00:00:00
zdt
zdt
Bamboo 6.x Remote Code Execution Vulnerability
2017-10-27 00:00:00

AI Score

8.8

Confidence

High

EPSS

0.001

Percentile

40.3%

JSON
Related for CVELIST:CVE-2017-9514
prion1cve1nvd1openvas1zdt1