Atlassian security advisory (AV22-404)

From: Canadian Centre for Cyber Security

Number: AV22-404
Date: 21 July 2022

On 20 July 2022 Atlassian published Security Advisories to address critical vulnerabilities in the following products:

  • Bamboo Server and Data Center – multiple versions
  • Bitbucket Server and Data Center – multiple versions
  • Confluence Server and Data Center – multiple versions
  • Crowd Server and Data Center – multiple versions
  • Fisheye and Crucible – versions prior to 4.8.10
  • Jira Server and Data Center – multiple versions
  • Jira Service Management Server and Data Center – multiple versions

Exploitation of these vulnerabilities could lead to security bypass and remote code execution.

The Cyber Centre encourages users and administrators to review the provided web links, perform the suggested mitigations and apply the necessary updates.

Report a problem on this page

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Please select all that apply:

Thank you for your help!

You will not receive a reply. For enquiries, please contact us.

Date modified: