Is Jira (on-prem) affected by Spring4Shell?

jy March 31, 2022

A summary of the zero-day Spring4Shell vulnerability is shown here:

https://securityboulevard.com/2022/03/spring4shell-zero-day-attack-what-you-need-to-know/

 

2 answers

1 accepted

Suggest an answer

Log in or Sign up to answer
2 votes
Answer accepted
Jodie Vlassis
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
April 3, 2022

Please see the latest FAQs posted over the weekend: https://confluence.atlassian.com/display/KB/FAQ+for+CVE-2022-22965

As always, you can monitor security vulnerabilities at the following link https://www.atlassian.com/trust/security/advisories

You can also report a vulnerability using this article https://www.atlassian.com/trust/security/report-a-vulnerability so Atlassian will provide an offical answer for that question.

We will continue to monitor the situation and provide a response soon.

 

Jodie

1 vote
Fabio Racobaldo _Herzum_
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
April 1, 2022

Hi @jy ,

you can monitor security vulnerabilities at the following link https://www.atlassian.com/trust/security/advisories

Right now it seems to not exist an official alert for CVE-2022-22965 

Btw, you can report a vulnerability using this article https://www.atlassian.com/trust/security/report-a-vulnerability so Atlassian will provide an offical answer for that question.

Hope this helps,

Fabio

TAGS
AUG Leaders

Atlassian Community Events