CVE-2014-9757 in Smack XMPP APIinfo

Summary

The Ignite Realtime Smack XMPP API, as used in Atlassian Bamboo before 5.9.9 and 5.10.x before 5.10.0, allows remote configured XMPP servers to execute arbitrary Java code via serialized data in an XMPP message.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservation

11/25/2015

Disclosure

02/08/2016

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-20

CVSS

9.8

EPSS

0.00778

CTI

0.00

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2014-9757
NVD	https://nvd.nist.gov/vuln/detail/CVE-2014-9757
CVE Details	https://www.cvedetails.com/cve/CVE-2014-9757/

◂ Previous Overview Next ▸

Do you need the next level of professionalism?

Upgrade your account now!