Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Is atlassian-bamboo-agent-installer-8.0.4.jar class log4j 2.9.0 vulnerable to CVE-2021-44228


We had to extract the atlassian-bamboo-agent-installer-8.0.4.jar and to analyse for CVE-2021-44228 for our client. 


What we found was that log4j 2.9.0 is in the atlassian-bamboo-agent-installer-8.0.4.jar/, but apparently its not an issue per Nexus-IQ.


Any idea if atlassian will be updating the atlassian-bamboo-agent-installer-8.0.4.jar ? 


Below are the extracted findings of the bamboo agent installer jar



1 answer

1 vote
Daniel Eads Atlassian Team Dec 13, 2021

Hi @Vincent ,

Please see the advisory we released today - Multiple Products Security Advisory - Log4j Vulnerable To Remote Code Execution - CVE-2021-44228 - for the specific information in regards to Bamboo.

Hi Daniel, 


Thanks for getting back to me. I've checked our bamboo server and it seems clean per the advisory. 


I'm actually asking for the bamboo agent which is not stated

Like Steffen Opel _Utoolity_ likes this

Bamboo agents are not affected as well. Added it to advisory

Like Steffen Opel _Utoolity_ likes this

Hi Alexey,

I still can't see any reference to Bamboo agents on the linked advisory?

Old version was cached, it should be visible now

Like Daniel Eads likes this

Suggest an answer

Log in or Sign up to answer
Community showcase
Published in Bamboo

Bamboo Data Center 8.1 is now available

G’day Bamboo customers, Bamboo DC 8.1 is now available with it the following features and programs: SAML 2.0, OpenID Connect, and Crowd SSO In order to help admins with a simplified user manage...

164 views 0 4
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you