An resource in Atlassian Bamboo before 5.9.9 and 5.10.x before 5.10.0 allows remote attackers to execute arbitrary Java code via serialized data to the JMS port..
Vulnerable Systems:
*Atlassian Bamboo before 5.9.9 and 5.10.x before 5.10.0
Immune Systems:
*Atlassian Bamboo after 5.9.9 and 5.10.x after 5.10.0
Atlassian Bamboo is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information and gain unauthorized console access.