Page History
...
- All Xray/Xporter Server/DC and Cloud products and Xray Exploratory Testing (XEA) - Our investigation confirmed there are no exposed instances of the Apache Log4j library within the version range that contains this vulnerability. Therefore, the investigation confidently concludes all product versions are not impacted by the Apache Log4j vulnerability.
- Xray Server/DC and Cloud connectors - The following Xray connectors were found to contain a vulnerable version of the Apache Log4j library. Each has been updated to remove the vulnerability and those updates are now available as follows:
- Xray Connector for Bamboo
Available on the Atlassian Marketplace
Instructions: https://docs.getxray.app/display/XRAY/Integration+with+Bamboo - Xray TeamCity Plugin
Available on our documentation
Instructions: https://docs.getxray.app/display/XRAY/Integration+with+TeamCity - Xray for JIRA Jenkins Plugin
Available on the Jenkins Plugin Manager
Instructions: https://docs.getxray.app/display/XRAY/Integration+with+Jenkins Xray Maven Plugin
Available on the Xray Maven Repository
Instructions: https://docs.getxray.app/display/XRAY/Integration+with+Maven
- Xray Connector for Bamboo
- All Other Idera Family Of Products - Our investigation confirmed there are no exposed instances of the Apache Log4j library within the version range that contains this vulnerability. Therefore, the investigation confidently concludes none are impacted by the Apache Log4j vulnerability.
Although our initial and thorough investigation has concluded, Idera continues to monitor for potential breaches, we will continue actively to monitor this situation and communicate with stakeholders as appropriate.
...