CVE-2017-9514 is a vulnerability in Atlassian Bamboo
Published on October 12, 2017

Bamboo before 6.0.5, 6.1.x before 6.1.4, and 6.2.x before 6.2.1 had a REST endpoint that parsed a YAML file and did not sufficiently restrict which classes could be loaded. An attacker who can log in to Bamboo as a user is able to exploit this vulnerability to execute Java code of their choice on systems that have vulnerable versions of Bamboo.

NVD

Products Associated with CVE-2017-9514

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2017-9514 are published in Atlassian Bamboo:

Atlassian Bamboo

Affected Versions

Atlassian Bamboo:

Version from 6.0.0 before 6.0.5 is affected.
Version from 6.1.0 before 6.1.4 is affected.
Version from 6.2.0 before 6.2.1 is affected.

Exploit Probability

EPSS

0.31%

Percentile

53.85%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2017-9514 is a vulnerability in Atlassian BambooPublished on October 12, 2017

Products Associated with CVE-2017-9514

Affected Versions

Exploit Probability

CVE-2017-9514 is a vulnerability in Atlassian Bamboo
Published on October 12, 2017