Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Is Bamboo vulnerable to CVE-2017-9805

serge-clearpoint
serge-clearpoint September 11, 2017

There was a recent Apache Struts 2 vulnerability in the REST plugin: https://www.imperva.com/blog/2017/09/cve-2017-9805-analysis-of-apache-struts-rce-vulnerability-in-rest-plugin/

Is Bamboo (or any of it's plugins) vulnerable to the above?

If so, will there be a patch made available?

Thank you!

Answer
Watch
Like Be the first to like this
756 views

1 answer

1 accepted

1 vote
Answer accepted
serge-clearpoint
serge-clearpoint September 11, 2017

Just found this tweet: https://twitter.com/JIRA/status/905486179901906944

I guess Bamboo is not vulnerable then!

View More Comments
Alexey Chystoprudov
Alexey Chystoprudov
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
September 11, 2017

Yes, Bamboo is not vulnerable to current Struts issue

Like
Elias Zeidan (they/them)
Elias Zeidan (they/them)
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
September 11, 2017

Hi Serge,

Thanks for your question and finding the Tweet. Yes, that's right, Bamboo is not affected.

Cheers,

Elias
Bamboo Support

(Edit: Alexey and I commented around the same time; sorry for the duplicate answer)

Like
Reply

Suggest an answer

Log in or Sign up to answer
Bamboo
Bamboo
TAGS
AUG Leaders

Atlassian Community Events

    See all events