Does CVE-2022-0540 impact old JIRA server?

Anne Lee April 26, 2022

Hi, our JIRA server version is very old (6.1.6 & 6.4.2), how to check CVE-2022-0540 has impact or not?

Thanks!

1 answer

1 accepted

1 vote
Answer accepted
Ollie Guan
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
April 26, 2022

Hi @Anne Lee ,

Affected All Jira versions before 8.13.18, this includes the following products:

  • Jira Core Server
  • Jira Software Server
  • Jira Software Data Center

 

 

https://confluence.atlassian.com/jira/jira-security-advisory-2022-04-20-1115127899.html

Anne Lee April 27, 2022

Hi Ollie,

Does JIRA Server 6.4 is consider  Jira Core Server series?

The plugin name seem different.

image.png

Ollie Guan
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
April 27, 2022
Anne Lee April 28, 2022

Hi Ollie,

Does "JIRA Mobile" is the same as "Mobile Plugin for Jira"? Since we cannot upgrade JIRA server to least version, We need use other workaround solution.

Ollie Guan
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
April 29, 2022

Hi @Anne Lee ,

From the release notes, Mobile Plugin for Jira is only enabled after Jira Server 8.0.0

https://marketplace.atlassian.com/apps/1220151/mobile-plugin-for-jira-data-center-and-server/version-history

serkan.sezer April 29, 2022

hi, we are using version 8.20.1. Would disabling the Mobile Add-on for jira fix this issue?

thank you

Suggest an answer

Log in or Sign up to answer