Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Is version 7.5.1 vulnerable to log4j exploit?

Is version 7.5.1 vulnerable to log4j exploit?

2 answers

1 vote
Daniel Eads Atlassian Team Dec 15, 2021

Hi all,

Daniel from Atlassian Support - I'd like to let you know that we have updated the advisory to include more information about Bitbucket Server, Bitbucket Data Center, and the bundled elasticsearch product. Please refer to the advisory for the most current guidance:

Daniel Eads | Atlassian Support 

0 votes

Hi @Robert Eanes ,


itbucket is NOT affected.

I see Bitbucket Server/Data Center isn't in the list of products using Log4j but I can see Log4j JAR files in my installation directory, is my instance vulnerable?

No. Neither Bitbucket Server nor Data Center use Log4j, they use Logback.


Hope this helps,


Bitbucket allows you to run an external Elasticsearch environment instead of the bundled version, so ensure you check the Elasticsearch config/version/exposure as well as the main product.


Suggest an answer

Log in or Sign up to answer
Community showcase
Published in Bitbucket

⭐ Calling all Bitbucket and DevOps experts: Special showcase opportunity ⭐

Hi, Bitbucket community! Are you a DevOps practitioner (or know one in your network)? Do you have DevOps tips, tricks, or learnings you'd like to share with the community? If so, we'd love to hea...

1,523 views 4 8
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you