Atlassian Bamboo < 7.2.10 / 8.0.x < 8.0.9 / 8.1.x < 8.1.4 / 8.2.x < 8.2.4 Multiple Vulnerabilities

critical Nessus Plugin ID 165184

Synopsis

The remote Atlassian Bamboo host is missing a security update.

Description

The version of Atlassian Bamboo installed on the remote host is prior to 7.2.10, 8.0.x prior to 8.0.9, 8.1.x prior to 8.1.8 or 8.2.4. It is, therefore affected by multiple vulnerabilities:

- A remote, unauthenticated attacker can bypass arbitrary Servlet Filters used by first and third party apps. The impact depends on which filters are used by each app and how the filters are used. Confirmed attacks include an authentication bypass on custom Servlet Filters used by third party apps and a cross-site scripting (XSS) attack on the Servlet Filter used to validate legitimate Atlassian Gadgets.
(CVE-2022-26136)

- A remote, unauthenticated attacker can cause additional Servlet Filters to be invoked when the application processes requests or responses. Confirmed attacks of this vulnerability include a cross-origin resource sharing bypass where an attacker that can trick a user into requesting a malicious URL can access the vulnerable application with the victim's permissions. (CVE-2022-26137)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Atlassian Bamboo version 7.2.10, 8.0.9, 8.1.8, 8.2.4 or later.

See Also

https://jira.atlassian.com/browse/BAM-21795

Plugin Details

Severity: Critical

ID: 165184

File Name: bamboo_8_2_4.nasl

Version: 1.3

Type: remote

Published: 9/15/2022

Updated: 12/5/2022

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: E:U/RL:OF/RC:C

CVSS Score Source: CVE-2022-26137

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:atlassian:bamboo

Required KB Items: installed_sw/bamboo

Exploit Ease: No known exploits are available

Patch Publication Date: 7/20/2022

Vulnerability Publication Date: 7/20/2022

Reference Information

CVE: CVE-2022-26136, CVE-2022-26137