VDB
WID-SEC-W-2026-0177
WID-SEC-W-2026-0177
PUBLISHED
CVSS 9.300000190734863 CRITICAL
Bamboo ist ein Werkzeug zur kontinuierlichen Integration und Bereitstellung, das automatisierte Builds, Tests und Freigaben in einem einzigen Arbeitsablauf verbindet. Bitbucket ist ein Git-Server zur Sourcecode-Versionskontrolle. Confluence ist eine kommerzielle Wiki-Software. Jira ist eine Webanwendung zur Softwareentwicklung.
Risk Scores
CVSS v4.0
9.300000190734863
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Atlassian Confluence Data Center 9.2.13 | ||
| Atlassian Bamboo Data Center <9.6.21 | ||
| Atlassian Bamboo Data Center <12.0.2 | ||
| Atlassian Jira Data Center 11.3.0 | ||
| Atlassian Jira Data Center <11.2.1 | ||
| Atlassian Jira Data Center <11.3.0 | ||
| Atlassian Bamboo Data Center 10.2.13 | ||
| Atlassian Confluence Data Center <10.2.2 | ||
| Atlassian Bamboo Data Center 12.0.2 | ||
| Atlassian Bamboo Data Center 9.6.21 | ||
| Atlassian Bitbucket Data Center <10.1.1 | ||
| Atlassian Confluence Data Center 10.2.2 | ||
| Atlassian Confluence Data Center <9.2.13 | ||
| Atlassian Bitbucket Data Center 8.19.26 | ||
| Atlassian Bamboo Data Center <10.2.13 | ||
| Atlassian Bitbucket Data Center 10.1.1 | ||
| Atlassian Bitbucket Data Center 9.4.15 | ||
| Atlassian Bitbucket Data Center <8.19.26 | ||
| Atlassian Jira Data Center 11.2.1 | ||
| Atlassian Bitbucket Data Center <9.4.15 |
Timeline
- Jan 20, 2026 CVE Published
- Jan 28, 2026 CVE Updated
- Apr 18, 2026 PoC Published
References
- https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0177.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0177 advisory
- https://confluence.atlassian.com/security/security-bulletin-january-20-2026-1712324819.html url
- https://www.dell.com/support/kbdoc/en-us/000281732/dsa-2025-075-security-update-for-dell-data-protection-advisor-for-multiple-component-vulnerabilities url