Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Security Vulnerability CVE-2021-42574 Mitigation

Mayuresh Sakharape
Mayuresh Sakharape November 22, 2021

Hello everyone,

How you guys are mitigating Security Vulnerability CVE-2021-42574? I am still unable to understand the risk, impact and mitigation done by Atlassian. Is there any other workaround than upgrade?

Kind Regards,

Mayuresh

Comment
Watch
Like Be the first to like this
428 views

1 comment

Comment

Log in or Sign up to comment
Peter-Dave Sheehan
Peter-Dave Sheehan
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
November 22, 2021

Here is a nice blog post about it: https://www.adaptavist.com/blog/trojan-codes-in-atlassian-products-and-scriptrunner

The main takeaway for me was that Jira or Confluence are not directly at risk, but they can be used to trick someone else to copy code from jira/confluence into another system and then when that system is built/executed, then that system may contain bad code that the developer didn't realize they copied.

Like Mayuresh Sakharape likes this
Reply
groups-icon
Trust & Security
TAGS
AUG Leaders

Atlassian Community Events

    See all events