Atlassian Bamboo Server 5.12.x < 126.96.36.199 RCE
High Nessus Network Monitor Plugin ID 9670
SynopsisThe remote Bamboo server is affected by a remote code execution (RCE) vulnerability.
DescriptionVersions of Bamboo 5.12.x prior to 188.8.131.52 contain a Java object deserialization flaw that is triggered when handling certain input from build agents. This may allow a remote attacker to potentially execute arbitrary code.
SolutionUpgrade to Bamboo 5.12.x version 184.108.40.206 or later.