Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Atlassian Bamboo agent

I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
July 10, 2022

1 answer

0 votes
Eduardo Alvarenga
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
July 10, 2022

Hello @Vansh, Welcome to Atlassian Community!


Atlassian classified it as a “low” based on its CVSSv3 base score (read more about security levels for security issues). Vulnerabilities in the low range typically have very little impact on an organization's business. The exploitation of such vulnerabilities usually requires local or physical system access. Vulnerabilities in third-party code that are unreachable from Atlassian code may be downgraded to low severity.

CVE-2022-23302, CVE-2022-23305, and CVE-2022-23307

Short answer: Fix available

Bamboo and 8.2.1 contain a fix for those three CVEs. Please plan to upgrade at your earliest convenience. 

As the CVE-2022-22965 vulnerability (Spring4shell) was fixed on Bamboo releases 8.0.7, 8.1.6 and 8.2.2 please consider those or later releases instead. Please keep an eye on our FAQ for CVE-2022-22965 for more information.



Eduardo Alvarenga
Atlassian Support APAC

Suggest an answer

Log in or Sign up to answer
AUG Leaders

Atlassian Community Events