Atlassian Bamboo commons-collections Java Library Deserialization Vulnerability Remote Code Execution Exploit

Atlassian Bamboo is prone to a remote vulnerability that allows attackers to take advantage of a deserialization vulnerability present in the commons-collections Java library. By exploiting known methods, it is possible to remotely load a InvokerTransformer Java class, which allows the execution of system commands.
Exploit type: 
Platform: 
Vulnerabilty ID: 
CVE-2015-6576
Product Version: 
2016_R1
Released Date: 
Wednesday, April 20, 2016 - 00:00