CVE-2024-21689

NVD Published Date: August 20, 2024 at 10:15 AM
NVD Last Modified: August 20, 2024 at 03:44 PM
Download Patch
Vulnerability ID
CVE-2024-21689
Severity
None
Severity Score
None
Summary
This High severity RCE (Remote Code Execution) vulnerability CVE-2024-21689  was introduced in versions 9.1.0, 9.2.0, 9.3.0, 9.4.0, 9.5.0, and 9.6.0 of Bamboo Data Center and Server. This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 7.6, allows an authenticated attacker to execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires user interaction. Atlassian recommends that Bamboo Data Center and Server customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions: Bamboo Data Center and Server 9.2: Upgrade to a release greater than or equal to 9.2.17 Bamboo Data Center and Server 9.6: Upgrade to a release greater than or equal to 9.6.5 See the release notes ([https://confluence.atlassian.com/bambooreleases/bamboo-release-notes-1189793869.html]). You can download the latest version of Bamboo Data Center and Server from the download center ([https://www.atlassian.com/software/bamboo/download-archives]). This vulnerability was reported via our Bug Bounty program.
Mitigation and Patches
-
Exploits
-
Metasploit Payload
-
Vector
None
CWE ID
None

Recent Publish

CVE-2024-7054

CVE-2024-41699

CVE-2024-41700

CVE-2024-41698

CVE-2024-25009

CVE-2024-41697

See SecOps Solution
in action

Schedule Demo