We've become aware of vulnerabilities with Jira Server and Software Data Center. We don't think these impact us, but want to verify. The vulnerabilities are:
https://nvd.nist.gov/vuln/detail/CVE-2021-41310
https://nvd.nist.gov/vuln/detail/CVE-2021-41312
https://nvd.nist.gov/vuln/detail/CVE-2021-41313
We are running Jira Core 8.1.3, Jira Software 8.1.3 and Service Desk 4.1.3. These aren't "Server" or "Data Center", but I'm unfamiliar with naming conventions and product names. I thought "Core" was the same as "server", but now I don't think so
@mctwf The very first item in your list does impact your deployment as you are running Core 8.1.3 which is a server instance. Everything less than 8.5.19 is impacted. https://jira.atlassian.com/browse/JRASERVER-72800
The second one impacts your instance as well since it affects all versions less than 8.19.1. https://jira.atlassian.com/browse/JRASERVER-72801
The third one on your list also impacts your instance since it impacts all versions less than 8.21.0 https://jira.atlassian.com/browse/JRASERVER-72898
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.