Need to avoid leakage of confidential information, entities are recommended with the
• Implement security checks and hardening on internal systems to ensure that they are
not accidentally exposed to the internet.
• Access to internal systems must be restricted to authorized personnel, and access be
allowed only via controlled internal network.
• Ensure to have the latest versions of the software installed in order to avoid the old
versions being exploited through any existing vulnerabilities.
In the case of the Atlassian Jira Project Management Software, ensure to have any of
the following versions installed – though ideally, the latest version should be installed
JIRA Version - 7.13.5
If we are unable to update Jira immediately, then, as a temporary workaround, you can
do the following:
o Disable the contact administrator form.
o Block the /secure/admin/SendBulkMail!default.jspa endpoint from being
accessed. This can be achieved by denying access in the reverse-proxy, load
balancer, or Tomcat directly.
Background When you hear the words ‘Release notes’, almost always you think of an unsolicited email from a software vendor. But I am here to tell you that from our data, sending release notes via E...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events