Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Security Advisories for Jira Service Desk Server, November 2019

Atlassian has disclosed two critical severity security vulnerabilities (CVE-2019-15003 and CVE-2019-15004) in Jira Service Desk Server and Jira Service Desk Data Center on November 6, 2019. This article is designed to help you determine if you are affected and how to ask for help here on Community.

The TLDR (too long, didn't read)

We recommend upgrading your Jira Service Desk Server/Data Center instances to one of the following versions as soon as possible: 

All versions of Service Desk Server/Data Center before these versions are affected by these vulnerabilities.  Please read the full advisory which can be found at Jira Service Desk Security Advisory 2019-11-06.

Note that in order to upgrade Jira Service Desk to one of the versions above, you will need an active and valid license for Service Desk. 

If you are unable to upgrade your Jira Service Desk quickly for any reason, there are mitigation steps that can be taken to temporarily work-around this issue until such time when you can upgrade.  While the work-around steps are very similar in nature for these two, please note that there are slight difference between them for each CVE.

Mitigation steps for CVE-2019-15003

After upgrading Jira Service Desk this mitigation can be removed.

 

Mitigation steps for CVE-2019-15004

After upgrading Jira Service Desk this mitigation can be removed.

 

Select, Priority, and Premier support customers can raise technical support requests in regards to this advisory by going to https://support.atlassian.com/contact

However Starter license users will only have support provided through Community per our Support offerings.

We invite anyone that might have questions in relation to this security advisory, regardless of your support level, to ask a new question with this link.  Which will help us to track questions about this specific advisory.

0 comments

Comments for this post are closed

Community moderators have prevented the ability to post new comments.

TAGS
Community showcase
Published in Jira Service Management

Submit your Jira Service Management use case and win!

Hi everyone - in case you haven’t heard, we’re hosting the show of the century on November 10th: High Velocity: ITSM World Tour.     This virtual, concert-themed experience...

298 views 1 10
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you