Is Bamboo vulnerable to CVE-2017-9805

There was a recent Apache Struts 2 vulnerability in the REST plugin: https://www.imperva.com/blog/2017/09/cve-2017-9805-analysis-of-apache-struts-rce-vulnerability-in-rest-plugin/

Is Bamboo (or any of it's plugins) vulnerable to the above?

If so, will there be a patch made available?

Thank you!

1 answer

1 accepted

1 vote

Answer accepted

Just found this tweet: https://twitter.com/JIRA/status/905486179901906944

I guess Bamboo is not vulnerable then!

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Yes, Bamboo is not vulnerable to current Struts issue

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Hi Serge,

Thanks for your question and finding the Tweet. Yes, that's right, Bamboo is not affected.

Cheers,

Elias
Bamboo Support

(Edit: Alexey and I commented around the same time; sorry for the duplicate answer)

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Forums

Product Q&A

Community resources

Support

Top groups

Community resources

Support

Learn

Community resources

Support

Events

Community resources

Support

Is Bamboo vulnerable to CVE-2017-9805

1 answer

1 accepted

Suggest an answer

Was this helpful?

Thanks!

TAGS

Atlassian Community Events

Forums

Product Q&A

Community resources

Support

Top groups

Community resources

Support

Learn

Community resources

Support

Events

Community resources

Support

Is Bamboo vulnerable to CVE-2017-9805

1 answer

1 accepted

Suggest an answer

Was this helpful?

Thanks!

TAGS

Atlassian Community Events

Welcome to the new Atlassian Community