Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Atlassian Bamboo Server 5.12.x < 5.12.3.1 RCE

High

Synopsis

The remote Bamboo server is affected by a remote code execution (RCE) vulnerability.

Description

Versions of Bamboo 5.12.x prior to 5.12.3.1 contain a Java object deserialization flaw that is triggered when handling certain input from build agents. This may allow a remote attacker to potentially execute arbitrary code.

Solution

Upgrade to Bamboo 5.12.x version 5.12.3.1 or later.