Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

CVE-2021-42574 upgrade support

E-comm E-comm
E-comm E-comm
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
November 9, 2021

Hi with reference to vulnerability - CVE-2021-42574 - Multiple Products Security Advisory - Unrendered unicode bidirectional override characters - CVE-2021-42574 | Atlassian Support | Atlassian Documentation we need to upgrade.

 

Can we do an in place upgrade form our existing version 7.5.1 to 
7.13.18. Or event version 8. 

 

Can we just sue the installer ? - Upgrading JIRA applications using the installer | Administering Jira applications Data Center and Server 7.5 | Atlassian Documentation

 

Thanks Ross

 

 

Answer
Watch
Like Be the first to like this
383 views

1 answer

0 votes
Daniel Eads
Daniel Eads
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
December 3, 2021

Hi Ross,

I see this question has gone unanswered! An upgrade is in order for your 7.5 instance.

There are two primary concerns when considering an upgrade:

  1. License eligibility - I've taken a peek and your license is still in active support, so you can upgrade all the way up to the latest Jira release. You may need to retrieve the latest license key from https://my.atlassian.com - you can enter this now even before upgrading on the Versions & Licenses page in Jira's administration. If you don't have the latest key entered before upgrading, Jira will prompt you for the updated key when you start it up after the upgrade.
  2. Supported platforms - it's unlikely that the database version you're on now is supported in the latest Jira releases. You may need to do an upgrade in multiple steps in order to upgrade Jira, then the database, then Jira again. If you happen to know the database you're on now (MySQL 5.4, Microsoft SQL 2014, etc) then I can suggest the shortest possible upgrade path for you.

The document you've linked is a great resource for upgrading, and the supported platform concern is outlined in that document.

I will note that you need to upgrade to Jira 8.13.13 , or 8.20.1 (or newer) in order to mitigate against this CVE. There are no versions of Jira 7 with the fix for this CVE.

Cheers,
Daniel | Atlassian Community Support

Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
DEPLOYMENT TYPE
SERVER
VERSION
7.5.1.
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.