After conducting a security scan (for example, using Blackduck or Nessus) or a security review of your community or Jive Tomcat STIGs, vulnerabilities were identified.
You need more information on one of the following items:
- If there are any measures you can take to mitigate or resolve the issues that were identified.
- If the vulnerabilities or issues have been addressed in a newer version of Jive.
- POC that your Jive setup is affected by the reported vulnerability.
- The measures that Aurea/Jive will take to mitigate the vulnerabilities.
This article describes the details needed by Jive Support to assist you with the above items.
You can contact us for questions regarding security scan or security review results. In case ATLAS is not able to resolve your query, you will be informed of the ticket number that will be created and on that, please include the full report of the scan or a detailed list of all the vulnerabilities that were identified and POC.
Support agents: Before raising an internal ticket, try to resolve the issue yourself. See some relevant articles linked below:
- Overview of Jive Security
- Apache HTTP Server Vulnerability Impact on Jive Versions
- New articles are regularly written to address specific vulnerabilities. Perform a KB search for the keyword "vulnerability" to see currently available articles.
If you are not able to find a solution, please fill review the Billing, quotes, renewals, Account Manager requests for all Aurea products process (this applies to Jive Cloud, Hosted, and On-Premise).