Critical severity9.1NVD Advisory· Published Feb 8, 2016· Updated May 6, 2026
CVE-2015-8361
CVE-2015-8361
Description
Multiple unspecified services in Atlassian Bamboo before 5.9.9 and 5.10.x before 5.10.0 do not require authentication, which allows remote attackers to obtain sensitive information, modify settings, or manage build agents via unknown vectors involving the JMS port.
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- jira.atlassian.com/browse/BAM-17102nvdPatchVendor Advisory
- confluence.atlassian.com/bamboo/bamboo-security-advisory-2016-01-20-794376535.htmlnvdVendor Advisory
- packetstormsecurity.com/files/135352/Bamboo-Deserialization-Missing-Authentication-Checks.htmlnvd
- www.securityfocus.com/archive/1/537347/100/0/threadednvd
News mentions
0No linked articles in our index yet.