Accessing a Jira issue attempts to load resources from statlas.prod.atl-paas.net which resolves to a private address

XMLWordPrintable

    • 1
    • Severity 3 - Minor

      Issue Summary

      When accessing Jira issues from outside the Atlassian network, users will see requests to private IP addresses in the 10.88.x.x range. These are internal Class A private IPs that can't be accessed via public-facing servers.

      Steps to Reproduce

      1. Attempt to load a Jira issue and run a network trace to review destination IPs called
      2. You may notice requests to 10.88.35.227, 1.88.13.87 and 10.88.14.21 which are private IPs via a network trace
      3. These resolve to the domain statlas.prod.atl-paas.net which seems to be an internal resource

      Expected Results

      Resources are only loaded from publicly accessible web servers when accessing Jira issues.

      Actual Results

      Customers will see requests to 10.88.x.x private IP addresses which is incorrect

      Workaround

      This issue does not affect Jira product functionality. Rather it is likely a security concern for customers who will want to understand why we are attempting to make calls to internal IP addresses.

            Assignee:
            Ankit Ghosh
            Reporter:
            Ani Gurudutt
            Votes:
            1 Vote for this issue
            Watchers:
            5 Start watching this issue

              Created:
              Updated:
              Resolved: