bitvoodoo Advisories
Space shortcuts
Space Tools
bitvoodoo Advisories BVADVIS

Versions Compared

Old Version 1

changes.mady.by.user Artan Imeri

Saved on

compared with

New Version Current

changes.mady.by.user Daniele Talerico

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Warning

This is a public space:

For the draft, please restrict the page during creation and
remove this warning when page is published

English

Contents

Table of Contents

Page properties
Date

 

Product

Confluence Data Center and Server

Crowd Data Center and Server

VulnerabilityCritical
CVECVE-2024-50379, CVE-2024-56337, CVE-2024-52316, CVE-2024-50379, CVE-2024-56337
Official linkhttps://confluence.atlassian.com/security/security-bulletin-february-18-2025-1510670627.html
English

Dear customer,

On the 18th of February 2025, Atlassian issued a Security Advisory Bulletin for Confluence Data Center and Server, and Crowd Data Center and Server.

The Cloud versions of the applications as well as other Atlassian products are not affected.

What you need to know

Atlassian has released a Security Bulletin on multiple vulnerabilities, including five critical issues , that we list here. Those were fixed in recent updates. While not a Critical Security Advisory,

Although the bulletin contains critical vulnerabilities, Atlassian has decided not to publish a security advisory. This means that the vulnerabilities have a lower impact.

However, in some cases Atlassian still advises updating affected systems for security. 

Affected Versions

info
ProductAffected Version
Confluence Data Center and Server
  • 9.2.0 (LTS)
  • 9.1.0 to 9.1.1
  • 9.0.1 to 9.0.3
  • 8.9.0 to 8.9.8
  • 8.8.0 to 8.8.1
  • 8.7.1 to 8.7.2
  • 8.6.0 to 8.6.2
  • 8.5.0 to 8.5.18 (LTS)
  • 8.4.0 to 8.4.5
  • 8.3.0 to 8.3.4
  • 8.2.0 to 8.2.3
  • 8.1.1 to 8.1.4
  • 7.19.6 to 7.19.30 (LTS)
Crowd Data Center and Server
  • 6.2.0
  • 6.1.0 to 6.1.3
  • 6.0.1 to 6.0.6
  • 5.3.0 to 5.3.6

 Fixed Versions

ProductFixed Versions
Confluence
  • 9.3.1 Data Center Only
  • 9.2.1 (LTS) recommended Data Center Only
  • 8.5.19 (LTS)
Crowd
  • 6.2.2 recommended  Data Center Only
  • 6.1.4  Data Center Only
  • 6.0.7  Data Center Only


 

What should I do?

You use ... on servers operated by bitvoodoo

Mitigation

...
Localtab Group
Localtab
activetrue
titleConfluence Server & Data Center
tabIconbvicon-server

You use Confluence Data Center and Server

Update

To address this issue, Atlassian released If you're using one of the following versions:

  • 7.19.6 to 7.19.

Mitigation

...

Localtab
titleAtlassian Confluence Cloud
tabIconbvicon-cloud

You use Confluence Cloud

Tip

You are not affected by this Security Advisory. No need for action.

Localtab
titlebitvoodoo Cloud
tabIconbvicon-cloud

Update

LTS Update Package Customers will get contacted to discuss the need and planning of an update.

Support

If you still have questions or concerns regarding this advisory, please contact the bitvoodoo support via support.bitvoodoo.ch.

[Close]
Recent Tabs Extension
Image Removed
Add Page - bitvoodoo Advisorie ...
Image Removed
Security Bulletin - February 1 ...
Image Removed
[BVK-278] BVK: fehlende User S ...
Image Removed
Inbox (1) - artan.imeri@bitvoo ...
Image Removed
bitvoodoo ag - Calendar - Week ...
Image Removed
[INFIC-118] Projekte erstellen ...
Image Removed
honig ums maul schmieren engls ...
Image Removed
[SUPPORT-12596] SLA Daten werd ...
Image Removed
[BVIT-937] confluence.fhgr.ch ...
  • 30 (LTS)
  • 8.9.0 to 8.9.8
  • 8.8.0 to 8.8.1
  • 8.7.1 to 8.7.2
  • 8.6.0 to 8.6.2
  • 8.5.0 to 8.5.18 (LTS)
  • 8.4.0 to 8.4.5
  • 8.3.0 to 8.3.4
  • 8.2.0 to 8.2.3
  • 8.1.1 to 8.1.4
  • 9.2.0 (LTS)
  • 9.1.0 to 9.1.1
  • 9.0.1 to 9.0.3

Then you should check:

  • If your Confluence instance runs on a case-sensitive filesystem (default on Linux), we consider the risk low and an update as optional.
  • If it runs on a case-insensitive filesystem (default on Windows and macOS), we consider the risk medium and we recommend a minor update.


Localtab
titleCrowd Data Center and Server
tabIconbvicon-menu

You use Crowd Data Center and Server

If you're using one of the following versions we assess the risk as medium and recommend a minor update:

  • 6.2.0
  • 6.1.0 to 6.1.3
  • 6.0.1 to 6.0.6
  • 5.3.0 to 5.3.6


Localtab
titleAtlassian Confluence Cloud
tabIconbvicon-cloud

You use Confluence Cloud

Tip

You are not affected by this Security Advisory. No need for action.


Support

If you still have questions or concerns regarding this advisory, please contact the bitvoodoo support via support.bitvoodoo.ch

Image Removed

...

.



bitvoodoo Advisories BVADVIS