Atlassian Bamboo: Attackers can compromise development environments

Attacks on Atlassian Bamboo Data Center and servers are conceivable. Versions secured against this have been released.

Bamboo needs an update

(Image: monticello/Shutterstock.com)

Jul 19, 2024 at 9:01 pm CEST

1 min. read

Security

By

Dennis Schirrmacher

This article was originally published in German and has been automatically translated.

Atlassian's Bamboo Data Center and Server software development tools are vulnerable. Under certain conditions, attackers can exploit a security vulnerability.

Install a security update

A warning message indicates that the vulnerability (CVE-2024-21687) is classified with a threat level of"high". However, attacks are only possible if attackers are authenticated. If this requirement is met, they can, among other things, execute files and compromise the integrity of a software development environment. There is currently no information on how an attack works.

Atlassian states that it has repaired versions 9.2.16 LTS and 9.6.4 LTS. The vulnerability was reported via the software solution provider's bug bounty program. There are currently no reports as to whether attacks are already taking place.

(des)

Back to top

Alle Angebote

Newsletter heise-Bot Push Push-Nachrichten

${intro} ${title}

${intro} ${title}

Atlassian Bamboo: Attackers can compromise development environments

Install a security update

Spiele