Missed Team ’24? Catch up on announcements here.

×
Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Unpatched Java Spring Framework 0-Day RCE Bug Threatens Enterprise Web Apps Security

Urmo Luts March 31, 2022

Hi

Seems to be that new threat is out and would it peril Atlassian products server/dc also?

https://www.bleepingcomputer.com/news/security/new-spring-java-framework-zero-day-allows-remote-code-execution/

2 answers

1 accepted

Suggest an answer

Log in or Sign up to answer
0 votes
Answer accepted
Jodie Vlassis
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
April 3, 2022

Update:

Please see the latest FAQs posted over the weekend: https://confluence.atlassian.com/display/KB/FAQ+for+CVE-2022-22965

As always, you can monitor security vulnerabilities at the following link https://www.atlassian.com/trust/security/advisories

You can also report a vulnerability using this article https://www.atlassian.com/trust/security/report-a-vulnerability so Atlassian will provide an offical answer for that question.

We will continue to monitor the situation and provide a response soon.

 

Jodie

0 votes
Jodie Vlassis
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
March 31, 2022

Please refer to our FAQ page, we should have a formal announcement soon:

https://confluence.atlassian.com/kb/faq-for-cve-2022-22963-cve-2022-22965-1115149136.html

TAGS
AUG Leaders

Atlassian Community Events