Security Vulnerabilities Instance Health Check failing
Platform Notice: Data Center Only - This article only applies to Atlassian products on the Data Center platform.
Note that this KB was created for the Data Center version of the product. Data Center KBs for non-Data-Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.
*Except Fisheye and Crucible
Summary
Security Vulnerabilities is failing with the following error:
1
Exception during health check invocation java.lang.RuntimeException: org.codehaus.jackson.JsonParseException: Unexpected character ('<' (code 60)): expected a valid value (number, String, array, object, 'true', 'false' or 'null') at [Source: java.io.StringReader@870eb08; line: 1, column: 2]or
1
[c.a.t.healthcheck.concurrent.SupportHealthCheckProcess] Health check 'Security Vulnerabilities' failed with severity 'undefined': 'The health check was unable to complete within the timeout of 30000ms.'Environment
Atlassian Troubleshooting and Support Tools 1.34.0 and onward versions
Forward Proxy
Firewall restriction
Diagnosis
Run the curl command from the application server:
Jira:
1
curl https://atst-data.atl-paas.net/healthcheck/cve/jira.json | jqJSM:
1
curl https://atst-data.atl-paas.net/healthcheck/cve/jsd.json | jqConfluence:
1
curl https://atst-data.atl-paas.net/healthcheck/cve/confluence.json | jqBamboo:
1
curl https://atst-data.atl-paas.net/healthcheck/cve/bamboo.json | jqCause
The security vulnerability health check was introduced in the recent ATST version since 1.34.0. To make it work, your application needs to be able to access the following URL:
Jira: https://atst-data.atl-paas.net/healthcheck/cve/jira.json
JSM: https://atst-data.atl-paas.net/healthcheck/cve/jsd.json
Confluence: https://atst-data.atl-paas.net/healthcheck/cve/confluence.json
Bamboo: https://atst-data.atl-paas.net/healthcheck/cve/bamboo.json
Solution
If a connection can’t be established, for example, if you’re using a restrictive firewall or proxy server settings, the tool won’t be able to fetch any updates to version data, security vulnerability or documentation.
We recommend reviewing the forward proxy and/or firewall restrictions to allow access to *.atl-paas.net.
A feature has been added under recent ATST version 1.36.1, where if cannot allow access to *.atl-paas.net due to security policies, then admin does have an option to disable this check. In case you disable this health check, then as expected Confluence will not be able to report security vulnerabilities as a part of system health checks.
Was this helpful?