My customer has a Jira Server 7.2.2 installation. The log4j library version installed in is 1.2.16. Associated with this version there was two vulnerabilities CVE-2019-17571 and CVE-2020-9488.
Is there any type of affection on Jira with both vulnerabilities?
If so, could you provide me with the workarround to fix them?
Thank you very much!
I don't think the Answer has anyting to do with the vulnerabilities fvillena asked about.
I checked the exact Version of Log4j wich was used in our Version of Confluence & jira. In our case, it was 1.2.17-atlassian-3 wich is the atlassian Branch, wich was the fix for CVE-2019-17571. I will have to go and check the 2020 one, but you will proberbly find the answer with the help of the Web-Search whos name may not be said out loud. Merry new Year!
Hi everyone! Are you interested in beta testing Atlassian University’s newest (unreleased!) training course? We’re looking for 15-20 volunteers to test our newest training course, Basic reporting...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events