Forums

Articles
Create
cancel
Showing results for 
Search instead for 
Did you mean: 

Does log4j vulnerability affect confluence atlassian version 5.1.3

brindha.panneerchelvam
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
December 22, 2021

is confluence atlassian version 5.1.3 using BAD version of Log4j, if yes please share the plan to upgrade to 2.16 or 2.17.

on server we could find below jars in our installation path.

./confluence-5.1.3-prd/confluence/WEB-INF/lib/slf4j-log4j12-1.6.4.jar
./confluence-5.1.3-prd/confluence/WEB-INF/lib/log4j-1.2.15.jar

 

2 answers

1 vote
Jack Brickey
Community Champion
December 22, 2021

I would refer you here for any Log4j questions. multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution 

and you can always reference the Atlassian Trust page for any security questions. Finally the Atlassian Support page. 

1 vote
Mikael Sandberg
Community Champion
December 22, 2021

Hi @brindha.panneerchelvam,

Welcome to Atlassian Community!

Please check out this thread for the latest information regarding Log4j, https://community.atlassian.com/t5/Trust-Security-articles/Atlassian-s-Response-to-Log4j-CVE-2021-44228/ba-p/1886598 

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events