[BAM-18842] Remote code execution through OGNL double evaluation - CVE-2017-14589 - Create and track feature requests for Atlassian products.

Type: Bug
Resolution: Fixed
Priority: Highest
Fix Version/s: 6.2.5, 6.1.6
Affects Version/s: None
Component/s: None
Labels:

Symptom Severity:
Severity 2 - Major
Bug Fix Policy:
View Atlassian Server bug fix policy

It was possible for double OGNL evaluation in FreeMarker templates through Struts FreeMarker tags to occur. An attacker who has restricted administration rights to Bamboo or who hosts a website that a Bamboo administrator visits, is able to exploit this vulnerability to execute Java code of their choice on systems that run a vulnerable version of Bamboo.

Affected versions:

All versions of Bamboo before 6.1.6 (the fixed version for 6.1.x) and from 6.2.0 before 6.2.5 (the fixed version for 6.2.x) are affected by this vulnerability.

Fix:

Bamboo version 6.2.5 is available to download from https://www.atlassian.com/software/bamboo/download.
Bamboo version 6.1.6 is available to download from https://www.atlassian.com/software/bamboo/download-archives.

Acknowledgements
Atlassian would like to credit Sebastian Perez for reporting this issue to us.

For additional details see the full advisory.

is related to

BAM-18843 Argument injection in Mercurial repository handling - CVE-2017-14590

Closed

mentioned in: Page Loading...

relates to: BDEV-14068 Loading...; SECENG-886 Loading...

David Black added a comment - 15/Nov/2017 10:52 PM

CVSS v3 score: 9.6 => Critical severity

Exploitability Metrics

Attack Vector	Network
Attack Complexity	Low
Privileges Required	None
User Interaction	Required

Scope Metric

Scope	Changed

Impact Metrics

Confidentiality	High
Integrity	High
Availability	High

https://asecurityteam.bitbucket.io/cvss_v3/#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

David Black added a comment - 15/Nov/2017 10:52 PM CVSS v3 score: 9.6 => Critical severity Exploitability Metrics Attack Vector Network Attack Complexity Low Privileges Required None User Interaction Required Scope Metric Scope Changed Impact Metrics Confidentiality High Integrity High Availability High https://asecurityteam.bitbucket.io/cvss_v3/#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Assignee:: Przemek Bruski

Reporter:: David Black

Affected customers:: 0 This affects my team

Watchers:: 4 Start watching this issue

Created:: 15/Nov/2017 10:45 PM

Updated:: 06/Dec/2019 3:42 AM

Resolved:: 05/Dec/2017 6:38 PM

Details

Description

Attachments

Issue Links

Forms

Activity

[BAM-18842] Remote code execution through OGNL double evaluation - CVE-2017-14589

Collapse comment: David Black added a comment - 15/Nov/2017 10:52 PM

Expand comment: David Black added a comment - 15/Nov/2017 10:52 PM

People

Dates