Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

I wonder to know the impact of CVE vulnerabilities: CVE-2019-17571 , CVE-2020-9488

Dear Sirs

My customer has a Jira Server 7.2.2 installation. The log4j library version installed in is 1.2.16. Associated with this version there was two vulnerabilities CVE-2019-17571  and CVE-2020-9488.

Is there any type of affection on Jira with both vulnerabilities?

If so, could you provide me with the workarround to fix them?

Thank you very much!

Best regards

 

1 answer

I don't think the Answer has anyting to do with the vulnerabilities fvillena asked about.

@fvillena

I checked the exact Version of Log4j wich was used in our Version of Confluence & jira. In our case, it was 1.2.17-atlassian-3 wich is the atlassian Branch, wich was the fix for CVE-2019-17571. I will have to go and check the 2020 one, but you will proberbly find the answer with the help of the Web-Search whos name may not be said out loud. Merry new Year!

Thanks @Thomas Clemens

It could be any incompatibility by using Log4j  1.2.17-atlassian-3 in a Jira Server 7.2.2)?, I don´t think so, but if the case any of you have got any problems when installing that version of log4j.

 

Thanks!

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Jira Software

👋 Looking for 15-20 volunteers to test Atlassian training content

Hi everyone! Are you interested in beta testing Atlassian University’s newest (unreleased!) training course? We’re looking for 15-20 volunteers to test our newest training course, Basic reporting...

791 views 24 28
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you