Dear customer, On the 18th of February 2025, Atlassian issued a Security Bulletin for Confluence Data Center and Server, and Crowd Data Center and Server. The Cloud versions of the applications are not affected. What you need to knowAtlassian has released a Security Bulletin on multiple vulnerabilities, including five critical issues that we list here. Those were fixed in recent updates. While not a Critical Security Advisory, Although the bulletin contains critical vulnerabilities, Atlassian has decided not to publish a security advisory. This means that the vulnerabilities have a lower impact. However, in some cases Atlassian still advises updating affected systems for security. Affected Versionsinfo| Affected Version |
|---|
| Confluence Data Center and Server | - 9.2.0 (LTS)
- 9.1.0 to 9.1.1
- 9.0.1 to 9.0.3
- 8.9.0 to 8.9.8
- 8.8.0 to 8.8.1
- 8.7.1 to 8.7.2
- 8.6.0 to 8.6.2
- 8.5.0 to 8.5.18 (LTS)
- 8.4.0 to 8.4.5
- 8.3.0 to 8.3.4
- 8.2.0 to 8.2.3
- 8.1.1 to 8.1.4
- 7.19.6 to 7.19.30 (LTS)
| | Crowd Data Center and Server | - 6.2.0
- 6.1.0 to 6.1.3
- 6.0.1 to 6.0.6
- 5.3.0 to 5.3.6
|
Fixed Versions| Product | Fixed Versions |
|---|
| Confluence | - 9.3.1 Data Center Only
- 9.2.1 (LTS) recommended Data Center Only
- 8.5.19 (LTS)
| | Crowd | - 6.2.2 recommended Data Center Only
- 6.1.4 Data Center Only
- 6.0.7 Data Center Only
|
What should I do? | Localtab Group |
|---|
| Localtab |
|---|
| active | true |
|---|
| title | Confluence Server & Data Center |
|---|
| tabIcon | bvicon-server |
|---|
| You use Confluence Data Center and Server If you're using one of the following versions or newer, the issues are already fixed: - 9.3.1 (Data Center Only)
- 9.2.1 (LTS, recommended for Data Center Only)
- 8.5.19 (LTS)
If your Confluence is running | - 8.9.0 to 8.9.8
- 8.8.0 to 8.8.1
- 8.7.1 to 8.7.2
- 8.6.0 to 8.6.2
- 8.5.0 to 8.5.18 (LTS)
- 8.4.0 to 8.4.5
- 8.3.0 to 8.3.4
- 8.2.0 to 8.2.3
- 8.1.1 to 8.1.4
| - 9.2.0 (LTS)
- 9.1.0 to 9.1.1
- 9.0.1 to 9.0.3
|
Then you should check: - If your Confluence instance runs on a case-sensitive filesystem (default on Linux), we
assess as and consider to be 's running - runs on a case-insensitive filesystem (default on Windows and macOS), we
assess as - medium and we recommend a minor update.
|
| Localtab |
|---|
| Localtab |
|---|
| title | Atlassian Confluence Cloud |
|---|
| tabIcon | bvicon-cloud |
|---|
| You use Confluence Cloud | Tip |
|---|
You are not affected by this Security Advisory. No need for action. |
| | title | Crowd Data Center and Server |
|---|
| tabIcon | bvicon-menu |
|---|
| You use Crowd Data Center and Server If you're using one of the following versions or newer, the issues are already fixedwe assess the risk as medium and recommend a minor update: 2 recommended Data Center Only.4 Data Center Only6.0.7 Data Center OnlyOtherwise we assess the risk as medium and recommend a minor update- .0 to 6.1.3
- 6.0.1 to 6.0.6
| |
|
| Localtab |
|---|
| title | Atlassian Confluence Cloud |
|---|
| tabIcon | bvicon-cloud |
|---|
| You use Confluence Cloud | Tip |
|---|
You are not affected by this Security Advisory. No need for action. |
|
|
Support If you still have questions or concerns regarding this advisory, please contact the bitvoodoo support via support.bitvoodoo.ch. | 
