Log4j issues

Sohith
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
February 8, 2022

Bellwiki application was built based on confluence technology and we identified log4j files in the server in the below paths. could you please let us know if there will be any impact to the application with the below watchdog.jar.

 

Paths:-

1)Path : /app/tmp/atlassian-confluence-7.4.3/bin/synchrony-proxy-watchdog.jar Installed version : 1.2.17

2)Path : /app/tmp/atlassian-confluence-7.4.3/bin/synchrony-proxy-watchdog.jar Installed version : 1.2.17

3)Path : /app/confluence/bin/synchrony-proxy-watchdog.jar Installed version : 1.2.17

 

 

 

1 answer

0 votes
Daniel Ebers
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
August 18, 2022

Hi @Sohith

the best resouce available in terms of log4j is the knowledge base entry over here:

https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html

Additonally there is a group here in Community "Trust & Security" (https://community.atlassian.com/t5/Trust-Security/gh-p/TrustandSecurity) - however, it is unlikely a individual .jar-file is talked about there. The general rule given out is to upgrade Confluence as soon as your time permits (and your processes) in order to keep to up to date and secure.

Regards,
Daniel

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events