Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Medium
Fix Version/s: 9.4.11, 9.11.2, 9.12.0
Affects Version/s: 9.11.0
Component/s: Security
Labels:

Introduced in Version:
9.11
Support reference count:
2
Symptom Severity:
Severity 3 - Minor
UIS:
2

Problem

Apache Tomcat should be upgraded to 9.0.80 or a later version to fix CVE-2023-41080

Environment

Jira v9.11

Steps to Reproduce

Current bundled Tomcat version is Tomcat 9.0.75 which is vulnerable to CVE-2023-41080. Upgrade Tomcat to version v9.0.80 to fix this vulnerability.

Workaround

At your own risk, you can manually upgrade Tomcat as instructed on this KB:

How to upgrade Apache Tomcat version used by Jira

WARNING: Unless still reproducible on official releases, Atlassian Support may refuse support requests for Jira running over unofficial Tomcat versions.

Notes

mentioned in: Page Loading...; Page Loading...; Page Loading...; Page Loading...; Page Loading...

Assignee:: Konrad Plasota
Reporter:: Binoy Nicholas
Votes:: 0 Vote for this issue
Watchers:: 16 Start watching this issue

Created:: 07/Sep/2023 1:11 AM
Updated:: 05/Jun/2024 6:34 AM
Resolved:: 08/Sep/2023 2:11 PM

Details

Description

Problem

Environment

Steps to Reproduce

Workaround

Notes

Attachments

Issue Links

Forms

Activity

People

Dates