Impact of CVE-2023-51467 on Jira/Confluence

Hello,

We use Jira et Confluence Data Center.

I saw the vulnerability CVE-2023-51467, regarding to Apache OFBiz. Our Atlassian Products are impacted? Do they use Apache OFBiz?

Thanks!

1 comment

Comment

Hello Ana,

The editor has given a response :

Jira DC
Jira DC uses Atlassian's fork of the Entity Engine module of the Apache OfBiz project. We use only the Entity Engine module, while the vulnerability is in the framework module.

Confluence DC
Confluence does not use the Apache OfBiz library and is not vulnerable to this vulnerability.

Regards.

Abdel.

Like • like this

Hello Abdel,

Does this also apply to Jira/Confluence Server Version?

Best,

Dominik

Like • like this

Dear all,

I receive a message from my company to solve this issue.

Can you confirm that server version is impacted ?

even if we will use DC licenses after the 15th february, I need to know if this issue impact Jira and Confluence Server.

Regards,

Cédric

Was this helpful?

Thanks!

Trust & Security

Forums

Product Q&A

Community resources

Support

Top groups

Community resources

Support

Learn

Community resources

Support

Events

Community resources

Support

Impact of CVE-2023-51467 on Jira/Confluence

1 comment

Comment

Was this helpful?

Thanks!

TAGS

Atlassian Community Events