bitvoodoo Advisories
Space shortcuts
Space Tools
bitvoodoo Advisories BVADVIS

Versions Compared

Old Version 5

changes.mady.by.user Artan Imeri

Saved on

compared with

New Version 6

changes.mady.by.user Artan Imeri

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Warning

This is a public space:

For the draft, please restrict the page during creation and
remove this warning when page is published

English

Contents

Table of Contents

Page properties
Date

 

Product

Confluence Data Center and Server

Crowd Data Center and Server

VulnerabilityCritical
CVECVE-2024-50379, CVE-2024-56337, CVE-2024-52316, CVE-2024-50379, CVE-2024-56337
Official linkhttps://confluence.atlassian.com/security/security-bulletin-february-18-2025-1510670627.html
English

Dear customer,

On the 18th of February 2025, Atlassian issued a Security Bulletin for Confluence and Crowd. The Cloud versions of the applications are not affected.

What you need to know

Atlassian has released a Security Bulletin on multiple vulnerabilities, including five critical issues, . Those were fixed in recent updates. While not a Critical Security Advisory, Atlassian still advises updating affected systems for security. 

Affected Versions

Info
Confluence Data Center and Server
  • 9.2.0 (LTS)
  • 9.1.0 to 9.1.1
  • 9.0.1 to 9.0.3
  • 8.9.0 to 8.9.8
  • 8.8.0 to 8.8.1
  • 8.7.1 to 8.7.2
  • 8.6.0 to 8.6.2
  • 8.5.0 to 8.5.18 (LTS)
  • 8.4.0 to 8.4.5
  • 8.3.0 to 8.3.4
  • 8.2.0 to 8.2.3
  • 8.1.1 to 8.1.4
  • 7.19.6 to 7.19.30 (LTS)
Crowd Data Center and Server
  • 6.2.0
  • 6.1.0 to 6.1.3
  • 6.0.1 to 6.0.6
  • 5.3.0 to 5.3.6



What should I do?

Localtab Group
Localtab
activetrue
titleConfluence Server & Data Center
tabIconbvicon-server

You use Confluence Data Center and Server

Update

To address this issue, Atlassian released If you're using the following versions or newer, the issues are already fixed:

  • 9.3.1 (Data Center Only)
  • 9.2.
  • 1 (LTS, recommended for Data Center Only)
  • 8.5.19 (LTS)

If your Confluence is running on a case-sensitive filesystem, we assess the risk as low and consider an update to be optional.

If it's running on a case-insensitive filesystem, we assess the risk as medium and recommend a minor update.

Mitigation

...

Localtab
titleAtlassian Confluence Cloud
tabIconbvicon-cloud

You use Confluence Cloud

Tip

You are not affected by this Security Advisory. No need for action.

Localtab
titlebitvoodoo Cloud
tabIconbvicon-cloud

You use Crowd Data Center and Server

If you're using the following versions or newer, the issues are already fixed:

  • 6.2.2 recommended Data Center Only
  • 6.
. on servers operated by bitvoodoo
  • 1.4 Data Center Only
  • 6.0.7 Data Center Only

Otherwise we assess the risk as medium and recommend a minor update

Mitigation

..

.


Support

If you still have questions or concerns regarding this advisory, please contact the bitvoodoo support via support.bitvoodoo.ch.



[Close]
Recent Tabs Extension
Image Added
Edit - Security Bulletin Confl ...
Image Added
Communardo Service Center Stat ...
Image Added
Security Bulletin - February 1 ...
Image Added
[BVK-278] BVK: fehlende User S ...
Image Added
Confluence recent edits overvi ...
Image Added
rce meaning - Google Search
Image Added
atlassian marketplace recent t ...
Image Added
recent tabs extension - Google ...
Image Added
[bitvoodoo-confluence] bitvood ...
Image Added
bitvoodoo ag - Calendar - Week ...
bitvoodoo Advisories BVADVIS