Remote Code Execution Vulnerability in Bamboo Data Center by Atlassian
CVE-2023-22506

8.8HIGH

Key Information:

Vendor

Atlassian
Status
Bamboo Data Center
Bamboo Server
Vendor
CVE Published:
19 July 2023

What is CVE-2023-22506?

An injection and remote code execution vulnerability has been identified in Bamboo Data Center, allowing authenticated attackers to modify system calls and execute arbitrary code. This security flaw impacts the confidentiality, integrity, and availability of systems without requiring user interaction. Atlassian strongly advises updating to the latest version or at least to patched versions 9.2.3 or 9.3.1 to safeguard against potential exploits.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Bamboo Data Center >= 8.0.0 < 8.0.0

Bamboo Server >= 8.0.0 < 8.0.0

Bamboo Data Center < 8.0.0 < 8.0.0

References

https://jira.atlassian.com/browse/BAM-22400

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

a private user
JSON
.