Community
Products
Jira Service Management
Questions
What can we do if we are affected by the security vulnerability (CVE 2022 26135) but have not renewe

What can we do if we are affected by the security vulnerability (CVE 2022 26135) but have not renewe

Due to the security vulnerability, we were advised to download version 5 for Jira Service Desk (Service Management). However, since we have not renewed the contract or licenses, we would like to know if there is a way to install this version to comply with the security vulnerability?

Does Atlassian offer a solution for customers who do not want to move to the cloud and still use the application?

We are on version 4.9.0 for Jira Service Desk and Jira Software 8.20.2.

2 answers

0 votes

You indeed need an active license to upgrade.

You can follow this mitigation solution

https://confluence.atlassian.com/kb/faq-for-cve-2022-26135-1142439167.html

You have to disable the system app Mobile Plugin for Jira.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

0 votes

Hi @eperi ,

I think you would need an active license to upgrade your application. If you are on 8.20.2 then you need to upgrade your Jira Software to 8.20.10.

I would suggest raising a ticket with Atlassian. If technical support is not available still you can raise sales or billing-related tickets and explain your scenario and ask for help if any.

Regards,
Mayur

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Forums

Product Q&A

Community resources

Support

Top groups

Community resources

Support

Learn

Community resources

Support

Events

Community resources

Support

What can we do if we are affected by the security vulnerability (CVE 2022 26135) but have not renewe

2 answers

Suggest an answer

Was this helpful?

Thanks!

TAGS

Atlassian Community Events