Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

I wonder to know the impact of CVE vulnerabilities: CVE-2019-17571 , CVE-2020-9488

Francisco Villena
Francisco Villena December 16, 2021

Dear Sirs

My customer has a Jira Server 7.2.2 installation. The log4j library version installed in is 1.2.16. Associated with this version there was two vulnerabilities CVE-2019-17571  and CVE-2020-9488.

Is there any type of affection on Jira with both vulnerabilities?

If so, could you provide me with the workarround to fix them?

Thank you very much!

Best regards

 

Answer
Watch
Like Thomas Clemens likes this
1095 views

1 answer

View More Comments
Thomas Clemens
Thomas Clemens
Contributor
December 20, 2021

I don't think the Answer has anyting to do with the vulnerabilities fvillena asked about.

@Francisco Villena

I checked the exact Version of Log4j wich was used in our Version of Confluence & jira. In our case, it was 1.2.17-atlassian-3 wich is the atlassian Branch, wich was the fix for CVE-2019-17571. I will have to go and check the 2020 one, but you will proberbly find the answer with the help of the Web-Search whos name may not be said out loud. Merry new Year!

Like
Francisco Villena
Francisco Villena December 20, 2021

Thanks @Thomas Clemens

It could be any incompatibility by using Log4j  1.2.17-atlassian-3 in a Jira Server 7.2.2)?, I don´t think so, but if the case any of you have got any problems when installing that version of log4j.

 

Thanks!

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security