Atlassian Rolls Out Fixes to Tackle High Severity Flaws

High-Severity Flaws Uncovered in Atlassian Products

The Australian software firm Atlassian rolled out fixes for four high-severity product vulnerabilities that could lead to DoS attacks and remote code execution. Atlassian uncovered these flaws through its pen-testing processes, its Bug Bounty program, and third-party library scans.

Here’s a detailed breakdown of these four vulnerabilities:

CVE-2022-25647:

This vulnerability, with a CVSS score of 7.5, is a deserialization flaw in the Google GSON package. It significantly impacts Patch Management within Jira Service Management Data Center and Server. (Affected Versions: Jira 4.20.0)

CVE-2023-22512:

This vulnerability, with a CVSS score of 7.5, is a DoS flaw in Confluence Data Center and Server. (Affected Versions: Confluence 5.6 and releases up to 8.6.0)

CVE-2023-22513:

A critical Remote Code Execution (RCE) vulnerability was discovered in Bitbucket Data Center and Server, with a CVSS score of 8.5. (Affected Versions: Bitbucket 8.0.0 and most releases until version 8.14.0)

CVE-2023-28709:

This vulnerability is a DoS flaw in the Apache Tomcat server that specifically affects Bamboo Data Center and Server. It received a CVSS score of 7.5. (Affected Versions: Bamboo 8.1.12)

Atlassian has diligently addressed these four vulnerabilities in the latest versions of its products released last month.

The company recommends users upgrade their instances to these versions:

  • Bamboo Server and Data Center (versions – 9.2.4, 9.3.1, or later)
  • Confluence Server and Data Center (versions – 7.19.13, 7.19.14, 8.5.1, 8.6.0, or later)
  • Bitbucket Server and Data Center (versions – 8.9.5, 8.10.5, 8.11.4, 8.12.2, 8.13.1, 8.14.0, or later)
  • Jira Service Management Server and Data Center (versions – 4.20.25, 5.4.9, 5.9.2, 5.10.1, 5.11.0, or later)
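To check an inventory against the list above, here is an added example (not Atlassian's tooling) that flags instances not yet on a fixed release. It assumes each listed version fixes its own MAJOR.MINOR release line and that any line newer than the newest listed one is also fixed; the product keys, host names and sample inventory are constructed for illustration.

```python
# Added example: fixed releases copied from the upgrade list above.
FIXED = {
    "bamboo": ["9.2.4", "9.3.1"],
    "confluence": ["7.19.13", "7.19.14", "8.5.1", "8.6.0"],
    "bitbucket": ["8.9.5", "8.10.5", "8.11.4", "8.12.2", "8.13.1", "8.14.0"],
    "jira-service-management": ["4.20.25", "5.4.9", "5.9.2", "5.10.1", "5.11.0"],
}

def parse(version):
    """'8.9.5' -> (8, 9, 5); raises ValueError on anything else."""
    parts = tuple(int(p) for p in version.strip().split("."))
    if len(parts) != 3:
        raise ValueError(f"expected MAJOR.MINOR.PATCH, got {version!r}")
    return parts

def is_fixed(product, installed):
    """True if `installed` is at or past a fixed release.

    Assumption: each listed release fixes its own MAJOR.MINOR line, and any
    line newer than the newest listed one is fixed as well. A version on an
    unlisted older line has no fixed release and must move to a listed line.
    """
    fixed = sorted(parse(v) for v in FIXED[product])
    cur = parse(installed)
    if cur[:2] > fixed[-1][:2]:
        return True
    same_line = [f for f in fixed if f[:2] == cur[:2]]
    return bool(same_line) and cur >= min(same_line)

def audit(inventory):
    """Return the (host, product, version) rows that still need an upgrade."""
    return [row for row in inventory if not is_fixed(row[1], row[2])]

# Constructed inventory for illustration; host names are hypothetical.
SAMPLE = [
    ("bb-01", "bitbucket", "8.10.2"),
    ("bb-02", "bitbucket", "8.9.7"),
    ("conf-01", "confluence", "7.19.12"),
    ("conf-02", "confluence", "8.5.1"),
    ("jsm-01", "jira-service-management", "5.6.0"),
    ("bam-01", "bamboo", "9.4.0"),
]

if __name__ == "__main__":
    for host, product, version in audit(SAMPLE):
        print(f"{host}: {product} {version} is not on a fixed release")
```

A flagged host is not necessarily within the affected ranges quoted earlier; it only means the installed version is not one of the recommended releases or later on its line.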

Janki Mehta

Janki Mehta is a passionate Cyber-Security Enthusiast who keenly monitors the latest developments in the Web/Cyber Security industry. She puts her knowledge into practice and helps web users by arming them with the necessary security measures to stay safe in the digital world.