View Source

Communcation by Vendor

On 17 Dec 2021 we learned via EPS that there is a security vulnerability in their app PTC & STC Insight Extension for Confluence Server related to Log4Shell (CVE-2021-44228). We urge our customers to deactivate the app for the moment until a new release with fix is available.

Our cloud apps are not affected by Log4, however our PTC server/datacenter app is. We are working on a hotfix and will release it as soon as possible.
Best Regards

- https://focuspro.atlassian.net/servicedesk/customer/portal/4/DESKAA-185

Date	20 Dec 2021
Product	PTC & STC Insight Extension
Vulnerability	Critical
CVE	CVE-2021-44228
Marketplace link	https://marketplace.atlassian.com/apps/1216868/
Base product	Confluence
Vendor	EPS

Recommendation by bitvoodoo

If you use PTC & STC Insight Extension, deactivate or uninstall the app
Wait for a new release, watch the App on the Atlassian Marketplace to learn about new releases via email
- Open https://marketplace.atlassian.com/apps/1216868/
- Scroll down to Resources and click "Watch App"

Support

If you need any assistance please contact the bitvoodoo support via support.bitvoodoo.ch.