Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
5DescriptionCVE.org
This Critical severity OS Command Injection vulnerability was introduced in versions 9.6.0, 10.0.0, 10.1.0, 10.2.0, 11.0.0, 11.1.0, 12.0.0, and 12.1.0 of Bamboo Data Center.
This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 9.4 and a CVSS Vector of CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H allows an authenticated attacker to execute commands on the remote system, which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires no user interaction.
Atlassian recommends that Bamboo Data Center customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions: Bamboo Data Center 9.6.0: Upgrade to a release greater than or equal to 9.6.25 Bamboo Data Center 10.2: Upgrade to a release greater than or equal to 10.2.18 Bamboo Data Center 12.1: Upgrade to a release greater than or equal to 12.1.6
See the release notes ([https://confluence.atlassian.com/bambooreleases/bamboo-release-notes-1189793869.html]). You can download the latest version of Bamboo Data Center from the download center ([https://www.atlassian.com/software/bamboo/download-archives]).
AnalysisAI
Remote code execution in Atlassian Bamboo Data Center versions 9.6.0 through 12.1.0 allows authenticated attackers to execute arbitrary OS commands via command injection vulnerability. The attack requires low-privilege authentication (PR:L) but no user interaction, enabling complete system compromise across confidentiality, integrity, and availability with cross-scope impact (SC:H/SI:H/SA:H indicating container escape or lateral movement potential). Atlassian has released patches for three major version branches (9.6.25, 10.2.18, 12.1.6). No active exploitation confirmed in CISA KEV at time of analysis, though the authenticated nature and critical CVSS 9.4 score warrant immediate patching for internet-exposed instances with broad user access.
Technical ContextAI
Bamboo Data Center is Atlassian's enterprise continuous integration and deployment server platform, designed for clustered high-availability deployments. This vulnerability represents a CWE-78 class OS Command Injection flaw where user-controlled input is passed unsanitized to system shell commands. The affected versions span multiple major releases (9.6.0, 10.x, 11.x, 12.x), suggesting the vulnerable code path was introduced in version 9.6.0 and persisted through subsequent release cycles. The CVSS 4.0 vector's cross-scope impact metrics (SC:H/SI:H/SA:H) indicate the vulnerability enables attackers to break out of application security boundaries-potentially executing commands with higher privilege contexts than the application service account, or achieving container escape in containerized deployments. The PR:L (low privilege required) designation means any authenticated user account, not just administrators, can exploit this vulnerability, significantly expanding the attack surface in organizations with numerous CI/CD users or service accounts.
RemediationAI
Atlassian has released patches across three supported major version branches: upgrade to Bamboo Data Center 9.6.25 or later (for 9.6.x users), 10.2.18 or later (for 10.x users), or 12.1.6 or later (for 12.x users). Users on unsupported 11.x versions should migrate to the 12.1.6+ branch. Download patched releases from the Atlassian Bamboo download archives (https://www.atlassian.com/software/bamboo/download-archives) and follow upgrade procedures in the release notes (https://confluence.atlassian.com/bambooreleases/bamboo-release-notes-1189793869.html). If immediate patching is not feasible, implement network segmentation to restrict Bamboo access to trusted IP ranges only via firewall rules, enforce multi-factor authentication for all user accounts to raise credential compromise difficulty, conduct audit of all user accounts to disable unnecessary or orphaned credentials, enable detailed command execution logging to detect exploitation attempts, and consider temporarily disabling Bamboo external network access if business continuity allows. Note these compensating controls only reduce attack surface and do not eliminate the vulnerability-patching remains the only complete remediation. No workarounds or configuration changes can mitigate this command injection flaw according to vendor advisory.
Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited
The HipChat for JIRA plugin before 6.30.0 for Atlassian JIRA allows remote authenticated users to execute arbitrary Java
Atlassian Confluence before 5.8.17 allows remote authenticated users to read configuration files via the decoratorName p
Atlassian JIRA before 5.0.1; Confluence before 3.5.16, 4.0 before 4.0.7, and 4.1 before 4.1.10; FishEye and Crucible bef
Directory traversal vulnerability in the Issue Collector plugin in Atlassian JIRA before 6.0.4 allows remote attackers t
All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. Rated critical severit
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an un
Atlassian Crowd and Crowd Data Center had the pdkinstall development plugin incorrectly enabled in release builds. Rated
The IconUriServlet of the Atlassian OAuth Plugin from version 1.3.0 before version 1.9.12 and from version 2.0.0 before
This High severity RCE (Remote Code Execution) vulnerability was introduced in version 5.2 of Confluence Data Center and
Multiple API endpoints in Atlassian Bitbucket Server and Data Center 7.0.0 before version 7.6.17, from version 7.7.0 bef
The JIRA Workflow Designer Plugin in Atlassian JIRA Server before 6.3.0 improperly uses an XML parser and deserializer,
Same weakness CWE-78 – OS Command Injection
View allSame technique Command Injection
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-24143
GHSA-6jpg-3x8j-cwmr