Item was updated and Nessus plugin updated as well. We're running 8.18.1 which should meet the greater than 8.17 version. But we're hitting scan results on this finding. Is there a way to find out if the 8.18 is actually vulnerable? And what is the recommend update for 8.18.1?
Hi @David Oh ,
Jira 8.18.1 is a fixed version for CVE-2020-36289, per the information on JRASERVER-71559 . The advisory database for Nessus also indicates Jira 8.18.1 should pass this check.
My recommendation would be to reach out to Tenable support and see if they can check the parameters for this particular Nessus scan.
Cheers,
Daniel | Atlassian Community Support
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.