{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-01-20T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "The Ignite Realtime Smack XMPP API, as used in Atlassian Bamboo before 5.9.9 and 5.10.x before 5.10.0, allows remote configured XMPP servers to execute arbitrary Java code via serialized data in an XMPP message."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-09T18:57:01.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20160122 January 2016 - Bamboo - Critical Security Advisory", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/537347/100/0/threaded"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://confluence.atlassian.com/bamboo/bamboo-security-advisory-2016-01-20-794376535.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://jira.atlassian.com/browse/BAM-17099"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/135352/Bamboo-Deserialization-Missing-Authentication-Checks.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-9757", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Ignite Realtime Smack XMPP API, as used in Atlassian Bamboo before 5.9.9 and 5.10.x before 5.10.0, allows remote configured XMPP servers to execute arbitrary Java code via serialized data in an XMPP message."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20160122 January 2016 - Bamboo - Critical Security Advisory", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/537347/100/0/threaded"}, {"name": "https://confluence.atlassian.com/bamboo/bamboo-security-advisory-2016-01-20-794376535.html", "refsource": "CONFIRM", "url": "https://confluence.atlassian.com/bamboo/bamboo-security-advisory-2016-01-20-794376535.html"}, {"name": "https://jira.atlassian.com/browse/BAM-17099", "refsource": "CONFIRM", "url": "https://jira.atlassian.com/browse/BAM-17099"}, {"name": "http://packetstormsecurity.com/files/135352/Bamboo-Deserialization-Missing-Authentication-Checks.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/135352/Bamboo-Deserialization-Missing-Authentication-Checks.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T13:55:04.539Z"}, "title": "CVE Program Container", "references": [{"name": "20160122 January 2016 - Bamboo - Critical Security Advisory", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/537347/100/0/threaded"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://confluence.atlassian.com/bamboo/bamboo-security-advisory-2016-01-20-794376535.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://jira.atlassian.com/browse/BAM-17099"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.com/files/135352/Bamboo-Deserialization-Missing-Authentication-Checks.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-9757", "datePublished": "2016-02-08T19:00:00.000Z", "dateReserved": "2015-11-25T00:00:00.000Z", "dateUpdated": "2024-08-06T13:55:04.539Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:atlassian:bamboo:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "2764BBDA-4FA2-4FFD-A126-823CB52D0D06", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:2.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "42875600-4DA1-4574-9F9D-0FB8AE61DD10", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:2.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "3C79631B-6B9F-4FC0-9B12-17CD656A1CD6", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:2.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "C2337D88-9821-4794-B0C8-6FA73BD158C2", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "F2F087A2-790D-4D36-82F0-83C6BF504216", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:2.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "2162E45E-58ED-43B5-905F-C2E7475E0DB6", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:2.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "69BE15C9-542E-4586-8B05-BBE1508266E0", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:2.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "8C8F7C6B-C6DF-4106-83FA-C8BCB2A0D02A", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:2.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "3D461805-C648-420C-9352-64634DC06CF2", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:2.6:*:*:*:*:*:*:*", "matchCriteriaId": "F995A4F3-EDB9-431C-864E-253EACB523A2", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:2.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "5B407F0C-D5CA-4D33-A124-CBEC74B5EF5D", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:2.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "0F1B608F-A264-4FFB-9250-311ECEC065E2", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:2.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "5259D2D7-ABAE-4024-AA80-77D7F6A2AD21", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:2.7:*:*:*:*:*:*:*", "matchCriteriaId": "E42A908E-D53D-4A7A-917E-FB66C846CC55", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:2.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "F41AEA85-6758-448C-B7AC-87E252380BBB", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:2.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "AE7F1728-FBE3-4FEF-8CA9-E613D5873FC8", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:2.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "5021430D-C84B-4F67-A490-A0D6C87B25D2", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:2.7.4:*:*:*:*:*:*:*", "matchCriteriaId": "64083DE3-8072-4CAC-B374-5FF402E048A2", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "5A940B1E-3E73-4A3E-912B-BF482776CF5F", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:3.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "6DB6A4F7-4827-4965-8790-41A60AAD98C9", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:3.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "CA69F796-66AC-49BA-BF8C-348E6FDB2176", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:3.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "98DE5577-DFD8-42E7-A70A-3402D6386E79", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "BEA5C7C8-CDD5-4D22-A0B6-F7DEC87CDC9E", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:3.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "B19625B6-CDBE-485B-BAF1-53ABB770C7B7", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:3.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "866C3CB4-B8FE-4D22-B130-67139D193B83", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:3.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "7BD2FA24-8D68-4F31-8F88-A0930A92591B", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "4F3C3168-20E6-41D2-845B-5A661DCF6A21", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:3.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "E3BD0EAF-1C94-43A0-9133-9ADD8CAB8F87", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:3.3:*:*:*:*:*:*:*", "matchCriteriaId": "A4074958-998F-4333-8C81-45D0A765FB6D", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:3.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "0C5E5257-9004-4874-86A0-A3AB4230CE44", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:3.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "4F9F3A23-71C8-4F65-A739-26BAAF1D9620", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:3.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "2539517E-733A-427A-A0DA-F20E6C8A0A0A", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:3.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "FEE47E00-3496-4E22-9BDC-7BAF77516249", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:3.4:*:*:*:*:*:*:*", "matchCriteriaId": "B207B5EC-B2F2-4ED2-94B7-20CC15D542B2", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:3.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "70595742-7AB8-4A9D-94B4-8EADA093DC6F", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:3.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "DD49DEBD-557F-4D65-9DA3-5A4CA0CB014C", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:3.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "1EE8039C-2F64-4056-AADC-66408FADB090", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:3.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "36190377-CD45-458D-A533-5D68FC38753F", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:3.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "E2A7E6EF-CEF1-4A6A-8C1F-3BA2CF17D9B4", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "9F3DF4FF-4C86-4D9F-882C-96482F69F871", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "C7760BAB-C6F3-40B4-8A65-0778C91B2481", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "D38BBD36-6F5F-44E4-8B74-A1F2E6E9ADE2", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:4.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "173874C7-0A68-447D-9284-6904BBBA8D86", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:4.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "124E0B33-9C58-4AC9-9064-EE9F29FA56CD", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "89526493-E441-43A6-9C8B-FF16AFD9060F", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:4.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "D1921815-49AD-474C-8898-614C2209CAEB", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:4.3:*:*:*:*:*:*:*", "matchCriteriaId": "0761166B-7FD9-4574-8C13-0336343ADC46", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:4.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "1B13D9DB-83A0-42AE-A665-214A71890ED0", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:4.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "FF901B9B-49DE-4676-8245-E280CF5A7EFC", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:4.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "7A1D8D9B-E39E-4E77-831E-1D417ACEA5C7", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:4.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "951E6F5B-C905-40F2-B164-647A3E948EAB", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:4.4:*:*:*:*:*:*:*", "matchCriteriaId": "B408EA00-A128-4927-BFBB-AF0B42EABA56", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:4.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "8B6E80ED-818F-4438-BD2A-AD4847178ABF", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:4.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "EF0876B2-B95C-464B-9479-CEAA9A64E01A", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:4.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "ABFD011B-EC46-4BFC-AAAB-ABE6612B85E1", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:4.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "DCAE8C05-486F-4EC5-B084-2D55331C5EDB", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:4.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "D58EB432-8BFF-4CEC-B46C-695E77E2435C", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:4.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "103A0455-79B1-4135-9384-C673A2459AEE", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "087D5B44-B9A5-480C-9DDA-16132A79E2FD", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:5.0:beta1:*:*:*:*:*:*", "matchCriteriaId": "BE87C15D-09B8-4B5A-866F-5C2C8A43FB01", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:5.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "C2A5DB02-607E-4147-86BD-205BF33C8A18", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:5.0:beta3:*:*:*:*:*:*", "matchCriteriaId": "54646B4B-05D3-4628-980D-D77C4AAF87F4", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:5.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "4BFD6A97-95B8-4536-AA16-713D76CAC446", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "D9ACEC08-CD6D-4B8F-8A82-A75F925D130B", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "352DED96-3E03-48EE-9DF2-0DE73E707845", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:5.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "9A9E2D3C-D744-4730-83C6-CAFA0C41C916", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "DA7AC6DD-FE26-4A33-99BC-E3C0B90C1A93", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:5.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "95EB3E57-96E8-42EC-95BE-B14770E450C2", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:5.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "21BC1141-5BE1-4178-9DD7-B7E3CFA59C82", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:5.3:*:*:*:*:*:*:*", "matchCriteriaId": "E64CB47F-1D9B-4C2F-BA47-713F886F2E73", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:5.4:*:*:*:*:*:*:*", "matchCriteriaId": "E209CB6F-F792-41D9-BC09-41FF771E3659", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:5.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "650A769F-762F-431F-A6B4-3F4AD97C3A34", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:5.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "EEEBC112-E305-4CE6-A935-1D8DBB5A6ED6", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:5.5:*:*:*:*:*:*:*", "matchCriteriaId": "72284F9F-A0DA-4BED-B2CA-83D525ED4A37", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:5.6:*:*:*:*:*:*:*", "matchCriteriaId": "8FF3C458-CA8A-4128-BE1C-0AF405D4CC0C", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:5.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "C76C64DA-FAB9-4E72-9F71-088406451285", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:5.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "3DF61CCA-0502-4DBB-990A-6F602E947C95", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:5.7:*:*:*:*:*:*:*", "matchCriteriaId": "F0F2F76E-8150-4432-96A8-52C1D88C1784", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:5.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "0A2F5445-4C2E-49BF-8B5F-B4AACE00CC5E", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:5.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "14BAF1A9-0CBF-4B4F-AD8A-7511659D4FA4", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:5.8:*:*:*:*:*:*:*", "matchCriteriaId": "38CC432B-4F6C-48A9-9781-F721D254EBEF", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:5.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "C4CE881C-9283-45C3-8982-5887C85C1962", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:5.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "B4DCD084-030A-4CEB-A16E-765B795E17E1", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:5.8.5:*:*:*:*:*:*:*", "matchCriteriaId": "E64A9422-8C57-4AA8-A166-1C287C09BA48", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:5.9:*:*:*:*:*:*:*", "matchCriteriaId": "E44C5F8E-3414-46A8-AC8E-FEF270CBA38E", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:5.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "9027FC28-00AA-4556-AA9F-C9EF816DFD78", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:5.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "209C5313-C450-488E-BF5E-531415B8A484", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:5.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "F42F8BBF-3FEF-4922-ACEF-89899337F574", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:5.9.4:*:*:*:*:*:*:*", "matchCriteriaId": "CF9AAA21-4223-4643-9E39-8DD3FF850B6C", "vulnerable": true}, {"criteria": "cpe:2.3:a:atlassian:bamboo:5.9.7:*:*:*:*:*:*:*", "matchCriteriaId": "F9C45391-347E-4343-8585-58400A219FBB", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Ignite Realtime Smack XMPP API, as used in Atlassian Bamboo before 5.9.9 and 5.10.x before 5.10.0, allows remote configured XMPP servers to execute arbitrary Java code via serialized data in an XMPP message."}, {"lang": "es", "value": "La API Ignite Realtime Smack XMPP, como se utiliza en Atlassian Bamboo en versiones anteriores a 5.9.9 y 5.10.x en versiones anteriores a 5.10.0, permite a servidores XMPP remotos configurados ejecutar c\u00f3digo Java arbitrario a trav\u00e9s de datos serializados en un mensaje XMPP."}], "id": "CVE-2014-9757", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-02-08T19:59:00.127", "references": [{"source": "cve@mitre.org", "url": "http://packetstormsecurity.com/files/135352/Bamboo-Deserialization-Missing-Authentication-Checks.html"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/537347/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://confluence.atlassian.com/bamboo/bamboo-security-advisory-2016-01-20-794376535.html"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "https://jira.atlassian.com/browse/BAM-17099"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://packetstormsecurity.com/files/135352/Bamboo-Deserialization-Missing-Authentication-Checks.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/537347/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://confluence.atlassian.com/bamboo/bamboo-security-advisory-2016-01-20-794376535.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://jira.atlassian.com/browse/BAM-17099"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}