Atlassian Confluence Server & Data Center


Vendor Data
Community Data Vulnerability Disputed

Vendor Resources

Resource Link
Multiple Products Security Advisory - Log4j Vulnerable To Remote Code Execution - CVE-2021-44228 https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html

Community Resources

Resource Link
source https://confluence.atlassian.com/kb/faq-for-cve-2021-44228-1103069406.html

Community Notes

Source Note
NCSC-NL CVE-2021-44228: Vulnerable
NCSC-NL Only vulnerable when using non-default config, cloud version fixed
CISAGov This product may be affected by a related but lower severity vulnerability if running in a specific non-default configuration.

Sources

Date Attribution Description
2022-01-03 11:01:35 NCSC-NL Updated communityVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link Multiple Products Security Advisory - Log4j Vulnerable To Remote Code Execution - CVE-2021-44228. Updated community note.