bitvoodoo Advisories
Space shortcuts
Space Tools
bitvoodoo Advisories BVADVIS

Versions Compared

Old Version 7

changes.mady.by.user Unknown User (cora.egli@bitvoodoo.ch)

Saved on

compared with

New Version 8

changes.mady.by.user Alexandre Allart

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...


English

Contents


German

Inhalte


French

Contenu

Table of Contents


Page properties


Date

 

Product

Atlassian Server and Data Center

  • Confluence Data Center and Server
  • Jira Software Data Center and Server
  • Jira Service Management Data Center and Server
  • Jira Core Data Center and Server
  • Bitbucket Data Center and Server

Atlassian Server and Data Center 3rd-party Apps

  • Confluence Cloud Migration App (CCMA)

  • Automation for Jira (A4J) app (including Server Lite edition)

  • Assets Discovery (stand-alone app)

Atlassian Cloud

  • Assets Discovery (stand-alone app)

VulnerabilityCritical
CVE

CVE-2022-1471, CVE-2023-22522, CVE-2023-22524, CVE-2023-22523

Official link

(warning) needs to be replaced




Multiple Products Security Advisory - CVE-2022-1471, CVE-2023-22522, CVE-2023-22524, CVE-2023-22523



English

Dear customer,

On the 6th of December 2023, 12am EST, Atlassian issued four Security Advisories for its on-premise software products, the Confluence Cloud Migration App, and the Assets Discovery (stand-alone app) for Cloud and on-premise.

What you need to know

Atlassian has discovered four critical vulnerabilities impacting customers of the products listed below. All four vulnerabilities carry a critical CVSS score of 9.0 or higher, and customers must take immediate action to protect their instances.

Affected versions CVE-2022-1471 - SnakeYAML library RCE Vulnerability Impacts Multiple Products

Product

Affected Versions

Confluence Data Center and Server

  • 6.13.x

  • 6.14.x

  • 6.15.x

  • 7.0.x

  • 7.1.x

  • 7.2.x

  • 7.3.x

  • 7.4.x

  • 7.5.x

  • 7.6.x

  • 7.7.x

  • 7.8.x

  • 7.9.x

  • 7.10.x

  • 7.11.x

  • 7.12.x

  • 7.13.0

  • 7.13.1

  • 7.13.2

  • 7.13.3

  • 7.13.4

  • 7.13.5

  • 7.13.6

  • 7.13.7

  • 7.13.8

  • 7.13.9

  • 7.13.10

  • 7.13.11

  • 7.13.12

  • 7.13.13

  • 7.13.14

  • 7.13.15

  • 7.13.16

  • 7.13.17

  • 7.14.x

  • 7.15.x

  • 7.16.x

  • 7.17.x

  • 7.18.x

  • 7.19.0

  • 7.19.1

  • 7.19.2

  • 7.19.3

  • 7.19.4

  • 7.19.5

  • 7.19.6

  • 7.19.7

  • 7.19.8

  • 7.19.9

  • 7.20.x

  • 8.0.x

  • 8.1.x

  • 8.2.x

  • 8.3.0

Jira Software Data Center and Server

  • 9.4.0

  • 9.4.1

  • 9.4.2

  • 9.4.3

  • 9.4.4

  • 9.4.5

  • 9.4.6

  • 9.4.7

  • 9.4.8

  • 9.4.9

  • 9.4.10

  • 9.4.11

  • 9.4.12

  • 9.5.x

  • 9.6.x

  • 9.7.x

  • 9.8.x

  • 9.9.x

  • 9.10.x

  • 9.11.0

  • 9.11.1

Jira Service Management Data Center and Server

  • 5.4.0

  • 5.4.1

  • 5.4.2

  • 5.4.3

  • 5.4.4

  • 5.4.5

  • 5.4.6

  • 5.4.7

  • 5.4.8

  • 5.4.9

  • 5.4.10

  • 5.4.11

  • 5.4.12

  • 5.5.x

  • 5.6.x

  • 5.7.x

  • 5.8.x

  • 5.9.x

  • 5.10.x

  • 5.11.0

  • 5.11.1

Jira Core Data Center and Server

  • 9.4.0

  • 9.4.1

  • 9.4.2

  • 9.4.3

  • 9.4.4

  • 9.4.5

  • 9.4.6

  • 9.4.7

  • 9.4.8

  • 9.4.9

  • 9.4.10

  • 9.4.11

  • 9.4.12

  • 9.5.x

  • 9.6.x

  • 9.7.x

  • 9.8.x

  • 9.9.x

  • 9.10.x

  • 9.11.0

  • 9.11.1

Bitbucket Data Center and Server

  • 7.17.x

  • 7.18.x

  • 7.19.x

  • 7.20.x

  • 7.21.0

  • 7.21.1

  • 7.21.2

  • 7.21.3

  • 7.21.4

  • 7.21.5

  • 7.21.6

  • 7.21.7

  • 7.21.8

  • 7.21.9

  • 7.21.10

  • 7.21.11

  • 7.21.12

  • 7.21.13

  • 7.21.14

  • 7.21.15

  • 8.0.x

  • 8.1.x

  • 8.2.x

  • 8.3.x

  • 8.4.x

  • 8.5.x

  • 8.6.x

  • 8.7.x

  • 8.8.0

  • 8.8.1

  • 8.8.2

  • 8.8.3

  • 8.8.4

  • 8.8.5

  • 8.8.6

  • 8.9.0

  • 8.9.1

  • 8.9.2

  • 8.9.3

  • 8.10.0

  • 8.10.1

  • 8.10.2

  • 8.10.3

  • 8.11.0

  • 8.11.1

  • 8.11.2

  • 8.12.0

Confluence Cloud Migration App (CCMA)

Automation for Jira (A4J) app (including Server Lite edition)

  • 9.0.1

  • 9.0.0

  • <= 8.2.2

Affected versions CVE-2023-22522 - RCE Vulnerability in Confluence Data Center and Server

Product

Affected Versions

Confluence Data Center and Server

  • 4.0.0

  • 7.20.0

  • 8.0.0

  • 8.6.0

Affected Versions CVE-2023-22523 - RCE Vulnerability in Assets Discovery (stand-alone app)

Product

Affected Versions

Assets Discovery (Jira Service Management Cloud)

  • Insight Discovery 1.0 - 3.1.3

  • Assets Discovery 3.1.4 - 3.1.7

  • Assets Discovery 3.1.8-cloud - 3.1.11-cloud

Assets Discovery (Jira Service Management Data Center and Server)

  • Insight Discovery 1.0 - 3.1.7

  • Assets Discovery 3.1.9 - 3.1.11

  • Assets Discovery 6.0.0 - 6.1.14, 6.1.14-jira-dc-8

Affected versions CVE-2023-22524 - RCE Vulnerability in Atlassian Companion App for MacOS

Product

Affected Versions

Atlassian Companion App for MacOS

All versions (MacOS) up to but not including 2.0.0 are affected by the vulnerability.

Fixed Versions

Note

bitvoodoo recommends using the latest LTS releases of Jira, Confluence, and Bitbucket.


Product

Fixed Versions

Confluence Data Center and Server

  • 7.19.17 (LTS)

  • 8.4.5

  • 8.5.4 (LTS)

  • 8.6.2

  • 8.7.0

Jira Software Data Center and Server

  • 9.11.2

  • 9.12.0 (LTS)

  • 9.4.13 (LTS)

Jira Service Management Data Center and Server

  • 5.11.2

  • 5.12.0 (LTS)

  • 5.4.13 (LTS)

Jira Core Data Center and Server

  • 9.11.2

  • 9.12.0 (LTS)

  • 9.4.13 (LTS)

Bitbucket Data Center and Server

  • 7.21.16 (LTS)

  • 8.10.4

  • 8.11.3

  • 8.12.1

  • 8.13.0

  • 8.8.7

  • 8.9.4 (LTS)

Confluence Cloud Migration App (CCMA)

  • 3.4.0

Automation for Jira (A4J) app (including Server Lite edition)

  • 9.0.2

  • 8.2.4

Assets Discovery (Jira Service Management Cloud)

  • Assets Discovery 3.2.0-cloud or later

Assets Discovery (Jira Service Management Data Center and Server)

  • Assets Discovery 6.2.0 or later

Atlassian Companion App for MacOS

  • 2.0.0


What should I do? - On-Premise Products

Localtab Group


Localtab
activetrue
titleServer & Data Center
tabIconbvicon-server

You use the Server or Data Center variant of any Atlassian application in a version listed in Affected Versions.

Update

Update to a version listed in Fixed Versions.

Note

bitvoodoo recommends using the latest LTS releases of Jira, Confluence and Bitbucket.

Workaround

There are currently no workarounds.


Localtab
titleCloud
tabIconbvicon-cloud

You use Assets Discovery (standalone app) in Jira Service Management Cloud

Note

Update to Assets Discovery 3.2.0-cloud or later

If you don't use Assets Discovery (standalone app) you are not affected by the vulnerability.


Localtab
titlebitvoodoo Cloud
tabIconbvicon-cloud

You use Jira, Confluence or Bitbucket Server or Data Center hosted with bitvoodoo.

Update

LTS Update Package Customers will get an update to the latest LTS release free of charge as soon as possible.

bitvoodoo Cloud customers who do not have an LTS update package will be contacted by bitvoodoo in the coming days for coordination for an update.

Workaround

There are currently no workarounds.


Support

If you still have questions or concerns regarding this advisory, please contact the bitvoodoo support via support.bitvoodoo.ch.


German

Dear customer,

On the 6th of December 2023, 12am EST, Atlassian issued four Security Advisories for it's on-premise software products, Confluence Cloud Migration App, and the Assets Discovery (stand-alone app) for Cloud and on-premise.

What you need to know

Atlassian has discovered four critical vulnerabilities impacting customers of the products listed below. All four vulnerabilities carry a critical CVSS score of 9.0 or higher, and customers must take immediate action to protect their instances.

Affected versions CVE-2022-1471 - SnakeYAML library RCE Vulnerability Impacts Multiple Products

Product

Affected Versions

Confluence Data Center and Server

  • 6.13.x

  • 6.14.x

  • 6.15.x

  • 7.0.x

  • 7.1.x

  • 7.2.x

  • 7.3.x

  • 7.4.x

  • 7.5.x

  • 7.6.x

  • 7.7.x

  • 7.8.x

  • 7.9.x

  • 7.10.x

  • 7.11.x

  • 7.12.x

  • 7.13.0

  • 7.13.1

  • 7.13.2

  • 7.13.3

  • 7.13.4

  • 7.13.5

  • 7.13.6

  • 7.13.7

  • 7.13.8

  • 7.13.9

  • 7.13.10

  • 7.13.11

  • 7.13.12

  • 7.13.13

  • 7.13.14

  • 7.13.15

  • 7.13.16

  • 7.13.17

  • 7.14.x

  • 7.15.x

  • 7.16.x

  • 7.17.x

  • 7.18.x

  • 7.19.0

  • 7.19.1

  • 7.19.2

  • 7.19.3

  • 7.19.4

  • 7.19.5

  • 7.19.6

  • 7.19.7

  • 7.19.8

  • 7.19.9

  • 7.20.x

  • 8.0.x

  • 8.1.x

  • 8.2.x

  • 8.3.0

Jira Software Data Center and Server

  • 9.4.0

  • 9.4.1

  • 9.4.2

  • 9.4.3

  • 9.4.4

  • 9.4.5

  • 9.4.6

  • 9.4.7

  • 9.4.8

  • 9.4.9

  • 9.4.10

  • 9.4.11

  • 9.4.12

  • 9.5.x

  • 9.6.x

  • 9.7.x

  • 9.8.x

  • 9.9.x

  • 9.10.x

  • 9.11.0

  • 9.11.1

Jira Service Management Data Center and Server

  • 5.4.0

  • 5.4.1

  • 5.4.2

  • 5.4.3

  • 5.4.4

  • 5.4.5

  • 5.4.6

  • 5.4.7

  • 5.4.8

  • 5.4.9

  • 5.4.10

  • 5.4.11

  • 5.4.12

  • 5.5.x

  • 5.6.x

  • 5.7.x

  • 5.8.x

  • 5.9.x

  • 5.10.x

  • 5.11.0

  • 5.11.1

Jira Core Data Center and Server

  • 9.4.0

  • 9.4.1

  • 9.4.2

  • 9.4.3

  • 9.4.4

  • 9.4.5

  • 9.4.6

  • 9.4.7

  • 9.4.8

  • 9.4.9

  • 9.4.10

  • 9.4.11

  • 9.4.12

  • 9.5.x

  • 9.6.x

  • 9.7.x

  • 9.8.x

  • 9.9.x

  • 9.10.x

  • 9.11.0

  • 9.11.1

Bitbucket Data Center and Server

  • 7.17.x

  • 7.18.x

  • 7.19.x

  • 7.20.x

  • 7.21.0

  • 7.21.1

  • 7.21.2

  • 7.21.3

  • 7.21.4

  • 7.21.5

  • 7.21.6

  • 7.21.7

  • 7.21.8

  • 7.21.9

  • 7.21.10

  • 7.21.11

  • 7.21.12

  • 7.21.13

  • 7.21.14

  • 7.21.15

  • 8.0.x

  • 8.1.x

  • 8.2.x

  • 8.3.x

  • 8.4.x

  • 8.5.x

  • 8.6.x

  • 8.7.x

  • 8.8.0

  • 8.8.1

  • 8.8.2

  • 8.8.3

  • 8.8.4

  • 8.8.5

  • 8.8.6

  • 8.9.0

  • 8.9.1

  • 8.9.2

  • 8.9.3

  • 8.10.0

  • 8.10.1

  • 8.10.2

  • 8.10.3

  • 8.11.0

  • 8.11.1

  • 8.11.2

  • 8.12.0

Confluence Cloud Migration App (CCMA)

Automation for Jira (A4J) app (including Server Lite edition)

  • 9.0.1

  • 9.0.0

  • <= 8.2.2

Affected versions CVE-2023-22522 - RCE Vulnerability in Confluence Data Center and Server

Product

Affected Versions

Confluence Data Center and Server

  • 4.0.0

  • 7.20.0

  • 8.0.0

  • 8.6.0

Affected Versions CVE-2023-22523 - RCE Vulnerability in Assets Discovery (stand-alone app)

Product

Affected Versions

Assets Discovery (Jira Service Management Cloud)

  • Insight Discovery 1.0 - 3.1.3

  • Assets Discovery 3.1.4 - 3.1.7

  • Assets Discovery 3.1.8-cloud - 3.1.11-cloud

Assets Discovery (Jira Service Management Data Center and Server)

  • Insight Discovery 1.0 - 3.1.7

  • Assets Discovery 3.1.9 - 3.1.11

  • Assets Discovery 6.0.0 - 6.1.14, 6.1.14-jira-dc-8

Affected versions CVE-2023-22524 - RCE Vulnerability in Atlassian Companion App for MacOS

Product

Affected Versions

Atlassian Companion App for MacOS

All versions (MacOS) up to but not including 2.0.0 are affected by the vulnerability.

Fixed Versions

Note

bitvoodoo recommends using the latest LTS releases of Jira, Confluence, and Bitbucket.


Product

Fixed Versions

Confluence Data Center and Server

  • 7.19.17 (LTS)

  • 8.4.5

  • 8.5.4 (LTS)

  • 8.6.2

  • 8.7.0

Jira Software Data Center and Server

  • 9.11.2

  • 9.12.0 (LTS)

  • 9.4.13 (LTS)

Jira Service Management Data Center and Server

  • 5.11.2

  • 5.12.0 (LTS)

  • 5.4.13 (LTS)

Jira Core Data Center and Server

  • 9.11.2

  • 9.12.0 (LTS)

  • 9.4.13 (LTS)

Bitbucket Data Center and Server

  • 7.21.16 (LTS)

  • 8.10.4

  • 8.11.3

  • 8.12.1

  • 8.13.0

  • 8.8.7

  • 8.9.4 (LTS)

Confluence Cloud Migration App (CCMA)

  • 3.4.0

Automation for Jira (A4J) app (including Server Lite edition)

  • 9.0.2

  • 8.2.4

Assets Discovery (Jira Service Management Cloud)

  • Assets Discovery 3.2.0-cloud or later

Assets Discovery (Jira Service Management Data Center and Server)

  • Assets Discovery 6.2.0 or later

Atlassian Companion App for MacOS

  • 2.0.0


What should I do? - On-Premise Products

Localtab Group


Localtab
activetrue
titleServer & Data Center
tabIconbvicon-server

You use the Server or Data Center variant of any Atlassian application in a version listed in Affected Versions.

Update

Update to a version listed in Fixed Versions.

Note

bitvoodoo recommends using the latest LTS releases of Jira, Confluence and Bitbucket.

Workaround

There are currently no workarounds.


Localtab
titleCloud
tabIconbvicon-cloud

You use Assets Discovery (standalone app) in Jira Service Management Cloud

Note

Update to Assets Discovery 3.2.0-cloud or later

If you don't use Assets Discovery (standalone app) you are not affected by the vulnerability.


Localtab
titlebitvoodoo Cloud
tabIconbvicon-cloud

You use Jira, Confluence or Bitbucket Server or Data Center hosted with bitvoodoo.

Update

LTS Update Package Customers will get an update to the latest LTS release free of charge as soon as possible.

bitvoodoo Cloud customers who do not have an LTS update package will be contacted by bitvoodoo in the coming days for coordination for an update.

Workaround

There are currently no workarounds.


Support

Wenn Sie noch Fragen oder Bedenken zu diesem Advisory haben, wenden Sie sich bitte an den bitvoodoo Support via support@bitvoodoo.ch oder support.bitvoodoo.ch.


French

Chère cliente, cher client,

Le 6 décembre 2023, 6:00AM, Atlassian a publié 4 avis de sécurité sécurités pour ses produits on-premise, ainsi que Confluence Cloud Migration App, et Assets Discovery (stand-alone app) pour Cloud et on-premise.

Ce qu'il faut savoir

Atlassian a découvert quatre vulnérabilités critiques affectant les clients des produits répertoriés ci-dessous. Les quatre vulnérabilités ont un score CVSS critique de 9,0 ou plus, et les clients doivent prendre des mesures immédiates pour protéger leurs instances.

Versions concernées CVE-2022-1471 - SnakeYAML library RCE Vulnerability Impacts Multiple Products

Produit

Versions concernées

Confluence Data Center et Serveur

  • 6.13.x

  • 6.14.x

  • 6.15.x

  • 7.0.x

  • 7.1.x

  • 7.2.x

  • 7.3.x

  • 7.4.x

  • 7.5.x

  • 7.6.x

  • 7.7.x

  • 7.8.x

  • 7.9.x

  • 7.10.x

  • 7.11.x

  • 7.12.x

  • 7.13.0

  • 7.13.1

  • 7.13.2

  • 7.13.3

  • 7.13.4

  • 7.13.5

  • 7.13.6

  • 7.13.7

  • 7.13.8

  • 7.13.9

  • 7.13.10

  • 7.13.11

  • 7.13.12

  • 7.13.13

  • 7.13.14

  • 7.13.15

  • 7.13.16

  • 7.13.17

  • 7.14.x

  • 7.15.x

  • 7.16.x

  • 7.17.x

  • 7.18.x

  • 7.19.0

  • 7.19.1

  • 7.19.2

  • 7.19.3

  • 7.19.4

  • 7.19.5

  • 7.19.6

  • 7.19.7

  • 7.19.8

  • 7.19.9

  • 7.20.x

  • 8.0.x

  • 8.1.x

  • 8.2.x

  • 8.3.0

Jira Software Data Center et Serveur

  • 9.4.0

  • 9.4.1

  • 9.4.2

  • 9.4.3

  • 9.4.4

  • 9.4.5

  • 9.4.6

  • 9.4.7

  • 9.4.8

  • 9.4.9

  • 9.4.10

  • 9.4.11

  • 9.4.12

  • 9.5.x

  • 9.6.x

  • 9.7.x

  • 9.8.x

  • 9.9.x

  • 9.10.x

  • 9.11.0

  • 9.11.1

Jira Service Management Data Center et Serveur

  • 5.4.0

  • 5.4.1

  • 5.4.2

  • 5.4.3

  • 5.4.4

  • 5.4.5

  • 5.4.6

  • 5.4.7

  • 5.4.8

  • 5.4.9

  • 5.4.10

  • 5.4.11

  • 5.4.12

  • 5.5.x

  • 5.6.x

  • 5.7.x

  • 5.8.x

  • 5.9.x

  • 5.10.x

  • 5.11.0

  • 5.11.1

Jira Core Data Center et Serveur

  • 9.4.0

  • 9.4.1

  • 9.4.2

  • 9.4.3

  • 9.4.4

  • 9.4.5

  • 9.4.6

  • 9.4.7

  • 9.4.8

  • 9.4.9

  • 9.4.10

  • 9.4.11

  • 9.4.12

  • 9.5.x

  • 9.6.x

  • 9.7.x

  • 9.8.x

  • 9.9.x

  • 9.10.x

  • 9.11.0

  • 9.11.1

Bitbucket Data Center et Serveur

  • 7.17.x

  • 7.18.x

  • 7.19.x

  • 7.20.x

  • 7.21.0

  • 7.21.1

  • 7.21.2

  • 7.21.3

  • 7.21.4

  • 7.21.5

  • 7.21.6

  • 7.21.7

  • 7.21.8

  • 7.21.9

  • 7.21.10

  • 7.21.11

  • 7.21.12

  • 7.21.13

  • 7.21.14

  • 7.21.15

  • 8.0.x

  • 8.1.x

  • 8.2.x

  • 8.3.x

  • 8.4.x

  • 8.5.x

  • 8.6.x

  • 8.7.x

  • 8.8.0

  • 8.8.1

  • 8.8.2

  • 8.8.3

  • 8.8.4

  • 8.8.5

  • 8.8.6

  • 8.9.0

  • 8.9.1

  • 8.9.2

  • 8.9.3

  • 8.10.0

  • 8.10.1

  • 8.10.2

  • 8.10.3

  • 8.11.0

  • 8.11.1

  • 8.11.2

  • 8.12.0

Confluence Cloud Migration App (CCMA)

Automation for Jira (A4J) app (y compris l'édition Server Lite)

  • 9.0.1

  • 9.0.0

  • <= 8.2.2

Versions concernées CVE-2023-22522 - RCE Vulnerability in Confluence Data Center and Server

Produit

Versions concernées

Confluence Data Center et Serveur

  • 4.0.0

  • 7.20.0

  • 8.0.0

  • 8.6.0

Versions concernées CVE-2023-22523 - RCE Vulnerability in Assets Discovery (stand-alone app)

Produit

Versions concernées

Assets Discovery (Jira Service Management Cloud)

  • Insight Discovery 1.0 - 3.1.3

  • Assets Discovery 3.1.4 - 3.1.7

  • Assets Discovery 3.1.8-cloud - 3.1.11-cloud

Assets Discovery (Jira Service Management Data Center et Serveur)

  • Insight Discovery 1.0 - 3.1.7

  • Assets Discovery 3.1.9 - 3.1.11

  • Assets Discovery 6.0.0 - 6.1.14, 6.1.14-jira-dc-8

Versions concernées CVE-2023-22524 - RCE Vulnerability in Atlassian Companion App for MacOS

Produit

Versions concernées

Atlassian Companion App for MacOS

Toutes les versions (MacOS) jusqu'à la version 2.0.0 non incluse sont affectées par la vulnérabilité.

Fixed

Versions corrigées

Note

bitvoodoo recommends using the latest LTS releases of recommande d'utiliser les dernières versions LTS de Jira, Confluence , and et Bitbucket.


ProductFixed and Server and Server and Server and Server and Serverincluding or later and Server or later

Produit

Versions corrigées

Confluence Data Center

et Serveur

  • 7.19.17 (LTS)

  • 8.4.5

  • 8.5.4 (LTS)

  • 8.6.2

  • 8.7.0

Jira Software Data Center

et Serveur

  • 9.11.2

  • 9.12.0 (LTS)

  • 9.4.13 (LTS)

Jira Service Management Data Center

et Serveur

  • 5.11.2

  • 5.12.0 (LTS)

  • 5.4.13 (LTS)

Jira Core Data Center

et Serveur

  • 9.11.2

  • 9.12.0 (LTS)

  • 9.4.13 (LTS)

Bitbucket Data Center

et Serveur

  • 7.21.16 (LTS)

  • 8.10.4

  • 8.11.3

  • 8.12.1

  • 8.13.0

  • 8.8.7

  • 8.9.4 (LTS)

Confluence Cloud Migration App (CCMA)

  • 3.4.0

Automation for Jira (A4J) app (

y compris la Server Lite edition)

  • 9.0.2

  • 8.2.4

Assets Discovery (Jira Service Management Cloud)

  • Assets Discovery 3.2.0-cloud
  • ou plus récent

Assets Discovery (Jira Service Management Data Center

et Serveur)

  • Assets Discovery 6.2.0

  • ou plus récent

Atlassian Companion App for MacOS

  • 2.0.0
What should I do


Que dois-je faire ? - Produits On-Premise

Products

Localtab Group


Localtab
activetrue
titleServer & Data Center
tabIconbvicon-server

Vous utilisez la variante Server ou Data Center de n'importe quelle application Atlassian dans une version répertoriée dans la colonne Versions concernées.

Mise à jour

Mettez à jour vers une version répertoriée dans la colonne Versions corrigées.

Note

bitvoodoo recommande d'utiliser les dernières versions LTS de Jira, Confluence et Bitbucket.

Workaround

Il n’existe actuellement aucune solution de contournement

You use the Server or Data Center variant of any Atlassian application in a version listed in Affected Versions.

Update

Update to a version listed in Fixed Versions.

Note

bitvoodoo recommends using the latest LTS releases of Jira, Confluence and Bitbucket.

Workaround

There are currently no workarounds.


Localtab
titleCloud
tabIconbvicon-cloud

You use Vous utilisez Assets Discovery (standalone app) in dans Jira Service Management Cloud

Note

Update to Mise à jour vers Assets Discovery 3.2.0-cloud or later ou version ultérieure

Si vous n'utilisez pas If you don't use Assets Discovery (standalone app) you are not affected by the vulnerability, vous n'êtes pas affecté par la vulnérabilité.


Localtab
titlebitvoodoo Cloud
tabIconbvicon-cloud

You use Vous utilisez Jira, Confluence or ou Bitbucket Server or ou Data Center hosted with hébergé avec bitvoodoo.

Update

LTS Update Package Customers will get an update to the latest LTS release free of charge as soon as possible.

bitvoodoo Cloud customers who do not have an LTS update package will be contacted by bitvoodoo in the coming days for coordination for an update.

Workaround
Mise à jour

Les clients du package de mise à jour LTS recevront gratuitement une mise à jour de la dernière version LTS dès que possible.

Les clients bitvoodoo Cloud qui ne disposent pas d'un package de mise à jour LTS seront contactés par bitvoodoo dans les prochains jours pour coordonner une mise à jour.

Workaround

Il n’existe actuellement aucune solution de contournementThere are currently no workarounds.


Support

Si vous avez des questions concernant cette faille de sécurité, veuillez contact le support de bitvoodoo par via support@bitvoodoo.ch ou support.bitvoodoo.ch.



...

bitvoodoo Advisories BVADVIS