Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Atlassian Bamboo Server < 5.11.4.1 RCE

High

Synopsis

The remote Bamboo server is affected by a remote code execution (RCE) vulnerability.

Description

Versions of Bamboo prior to 5.11.4.1 contain a Java object deserialization flaw that is triggered when handling certain input from build agents. This may allow a remote attacker to potentially execute arbitrary code.

Solution

Upgrade to Bamboo version 5.11.4.1 or later.