We have audited both Burp Suite Enterprise Edition and Burp Suite Professional/Community Edition and determined that neither are vulnerable to the recently disclosed vulnerability in the Java logging library Log4j. Although this library was present in Burp Suite Enterprise Edition due to a transitive dependency, it was not used. This release removes this dependency as a precautionary measure.

Please note that third-party extensions may be vulnerable. You may wish to disable these while they are audited.

Jira bug fix

This release also fixes a bug that prevented you from creating Jira tickets from Burp Suite Enterprise Edition.

Cloud deployment links

If you want to deploy this release of Burp Suite Enterprise Edition to the cloud, you can use the links below to access the corresponding templates and instructions for your preferred platform.

AWS

Azure