Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Apache Log4j2 vulnerability

Has anyone been able to get a response from Atlassian or seen any press release or info about what Atlassian is doing about Apache Log4j2 vulnerability? I opened a ticket yesterday and because of the level of severity was shown we would be contacted within 2 hours. It's been a day.

2 answers

0 votes
Rodney Nissen Community Leader Dec 15, 2021

From what I can read, the version of log4j that Atlassian uses for on-prem systems is not vulnerable out of the box.  If you are running on-prem, you can configure it to be vulnerable, but you have to perform multiple steps to do so. 

They have already mitigated the vulnerability in cloud, so it is no longer a concern.

You can read up on it here: https://thejiraguy.com/2021/12/15/log4shell/

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
SERVER
VERSION
8.7.1
TAGS
Community showcase
Published in Jira Software

👋 Looking for 15-20 volunteers to test Atlassian training content

Hi everyone! Are you interested in beta testing Atlassian University’s newest (unreleased!) training course? We’re looking for 15-20 volunteers to test our newest training course, Basic reporting...

591 views 21 25
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you