Uploaded image for project: 'Bamboo Data Center'
  1. Bamboo Data Center
  2. BAM-18843

Argument injection in Mercurial repository handling - CVE-2017-14590

XMLWordPrintable

      Bamboo did not check that the name of a branch in a Mercurial repository contained argument parameters. An attacker who has permission to do one or more of the following:

      • create a repository in Bamboo
      • edit an existing plan in Bamboo that has a non-linked Mercurial repository
      • create or edit a plan in Bamboo when there is at least one linked Mercurial repository that the attacker has permission to use
      • commit to a Mercurial repository used by a Bamboo plan which has branch detection enabled
        can execute code of their choice on systems that run a vulnerable version of Bamboo Server.

      Affected versions:

      • Versions of Bamboo starting with 2.7.0 before 6.1.6 (the fixed version for 6.1.x) and from 6.2.0 before 6.2.5 (the fixed version for 6.2.x) are affected by this vulnerability.

      Fix:

      Acknowledgements
      Atlassian would like to credit Zhang Tianqi @ Tophant for reporting this issue to us.

      For additional details see the full advisory.

              pbruski Przemek Bruski
              dblack David Black
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: