Atlassian Update
1767Warning Date
Severity Level
Warning Number
Target Sector
21 October, 2021
● High
2021-3715
All
Description:
Atlassian has released a security update to address a vulnerability in the following products:
- Insight - Asset Management app - Marketplace download version:
- All 5.x versions
- All 6.x versions
- All 7.x versions
- All 8.0.x, 8.1.x, 8.2.x, 8.3.x, 8.4.x, 8.5.x, 8.6.x, 8.7.x, 8.8.x versions
- All 8.9.x versions before 8.9.3
- Jira Service Management Data Center and Server version:
- All 4.15.x versions (Insight v. 9.0.x bundled)
- All 4.16.x versions (Insight v. 9.0.x bundled)
- All 4.17.x versions (Insight v. 9.0.x bundled)
- All 4.18.x versions (Insight v. 9.0.x bundled)
- All 4.19.x versions (Insight v. 9.1.0 bundled)
Threats:
Attacker could exploit this vulnerability by doing the following:
- Execute arbitrary code –remotely
Best practice and Recommendations:
The CERT team encourages users to review Atlassian security advisory and apply the necessary updates: