Get in touch

BDQ Solutions

Lightning Implementations
For people who know what they want, and want it done fast
Enhancement Hours
Get best practice and configuration consultancy.
Review and Assessment
A low cost, low risk way to get the assistance you need.
Digital Adoption Services
Make sure software is being used consistently across teams.
PII Services
Our solution to help you find unauthorised data.
DevOps Services
Get great, high quality software shipped faster. Faster.
Test Automation & Management
Reduce costs and increase quality with automation.

    Atlassian Solutions

    Atlassian Enterprise
    Jira Work Management
    work management for technical & non-technical teams.
    Cloud Migration Services
    Quicker and more cost effective than doing it in house.
    Jira Service Management / ITSM
    Fast, painless, fixed price ITSM implementations.
    BDQ AtlassianCare
    Cost effective, flexible care options.
    Other Atlassian Services
    Maximise the potential of your Atlassian products.

      Other Solutions

      Complete managament software for legal practitioners.
      Asana Digital Work Management
      A simple, flexible way to manage work for business.
      Solutions Home


      Expert consulting and managed services to help complex organisations to work flatter, faster and more dynamically.

      With the help of our trusted partner:



        BDQ Originals



          Other products








              Whether it's our own Atlassian Marketplace apps or the apps that we provide a value-added-reseller service for, you can trust BDQ for the best support, consultancy, training and implementation available.

              Reseller Details

              Products Home



                • We provide high quality technology training to customers in the UK, EU and US.

                • Our customers range from small companies to multi-nationals. They all want to maximise employee productivity.

                • We listen to what our customers want to achieve, and take this into account when delivering the courses.

                home-icon-300x300Training Home →

                  About Us

                  This is where you can find out all about BDQ. Where did we come from, what is our goal, what do our customers have to say about working with us? You'll find all those answers and more using the links here.

                  However, if you have any questions that you haven't found answers for, feel free to get in touch.


                    3 min read

                    Confluence Security Advisory

                    Featured Image

                    Are you a Confluence user? If so, you should be aware that Atlassian have today announced two critical security vulnerabilities (both Server and Data Center versions but not Cloud).

                    There's more information from Atlassian here: Confluence Security Advisory - 2019-03-20

                    Here's the detail you need to know.

                    What are the vulnerabilities?

                    WebDAV vulnerability - CVE-2019-3395

                    • Critical
                    • Atlassian issue: SSRF via WebDAV endpoint - CVE-2019-3395
                    • A remote attacker is able to exploit a Server-Side Request Forgery (SSRF) vulnerability in the WebDAV plugin to send arbitrary HTTP and WebDAV requests from a Confluence Server or Data Center instance.
                    • This means that an attacker could send requests to other systems and make it appear that they come from yours. 

                    Widget Connector vulnerability - CVE-2019-3396

                    • Critical
                    • Atlassian issue: Remote code execution via Widget Connector macro - CVE-2019-3396
                    • There was an server-side template injection vulnerability in Confluence Server and Data Center, in the Widget Connector. An attacker is able to exploit this issue to achieve server-side template injection, path traversal and remote code execution on systems that run a vulnerable version of Confluence Server or Data Center.
                    • An attacker could make arbitrary changes to the Confluence system (e.g. replacing the login page to capture passwords) and can compromise the whole server. This is a very serious vulnerability.

                    Which versions of Confluence are affected?

                    • All 1.x.x, 2.x.x, 3.x.x, 4.x.x and 5.x.x versions
                    • All 6.1.x, 6.2.x, 6.3.x, 6.4.x, and 6.5.x versions
                    • All 6.6.x versions before 6.6.12
                    • All 6.7.x, 6.8.x, 6.9.x, 6.10.x and 6.11.x versions
                    • All 6.12.x versions before 6.12.3
                    • All 6.13.x versions before 6.13.3
                    • All 6.14.x versions before 6.14.2

                    Is there a workaround?

                    Yes, customers can apply a pretty simple but temporary workaround:

                    If you are unable to upgrade Confluence immediately, then as a temporary workaround, you can go to cog Manage apps / add-ons and disable the following system plugins in Confluence:

                    • WebDAV plugin
                    • Widget Connector

                    Once you have upgraded Confluence, you can re-enable these plugins. 

                    Anyone with an affected version of Confluence should apply this fix, but it is especially important for anyone with an internet facing installation and should be done immediately. 

                    But the overall best solution is to upgrade Confluence to a later version as soon as possible.

                    We can help

                    If you have any questions, or need help with upgrading Confluence, please just get in touch.

                    About BDQ

                    BDQ is a digital transformation specialist founded in London. We combine great products with highly experienced consultants to help our customers manage tasks, automate work and collaborate more effectively.