Atlassian Bamboo 2.7.3

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:a:atlassian:bamboo:2.7.3:*:*:*:*:*:*:*

part: a version: 2.7.3 update: *

VendorAtlassian (8acde0d4-2b83-5bd8-8d3f-60d59e0b022e)
ProductBamboo (57de54a8-839e-59e5-94c6-5bee320af648)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2015-8361 vulnerable 2026-06-03 14:35:11.736021 Details available
Multiple unspecified services in Atlassian Bamboo before 5.9.9 and 5.10.x before 5.10.0 do not require authentication, which allows remote attackers to obtain sensitive information, modify settings, or manage build agents via unknown vectors involving the JMS port.
Published: 2016-02-08T19:00:00.000Z
Updated: 2024-08-06T08:13:32.335Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2015-8360 vulnerable 2026-06-03 14:35:11.698545 Details available
An unspecified resource in Atlassian Bamboo before 5.9.9 and 5.10.x before 5.10.0 allows remote attackers to execute arbitrary Java code via serialized data to the JMS port.
Published: 2016-02-08T19:00:00.000Z
Updated: 2024-08-06T08:13:32.642Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-9757 vulnerable 2026-06-03 14:34:28.214654 Details available
The Ignite Realtime Smack XMPP API, as used in Atlassian Bamboo before 5.9.9 and 5.10.x before 5.10.0, allows remote configured XMPP servers to execute arbitrary Java code via serialized data in an XMPP message.
Published: 2016-02-08T19:00:00.000Z
Updated: 2024-08-06T13:55:04.539Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.