Are currently supported versions of SharePlex affected by the latest vulnerability Apache log4j 2 CVE-2021-44228? (4354654)

Chat now with support

Zurück

Feedback übermittelt

Konnten Sie mithilfe dieses Artikels ein Problem lösen?

Bewertung auswählen

Titel

Are currently supported versions of SharePlex affected by the latest vulnerability Apache log4j 2 CVE-2021-44228?
Beschreibung

Quest R&D has reviewed SharePlex and determined that SharePlex is not affected by CVE-2021-44228.
SharePlex deploys log4j version 1.2.15 on installation, but that version of log4j it is not subject to CVE-2021-44228, and is only used by SharePlex for JMS/MQ
Ursache

Apache log4j 2 vulnerability:
https://unit42.paloaltonetworks.com/apache-log4j-vulnerability-cve-2021-44228/
https://nvd.nist.gov/vuln/detail/CVE-2021-44228
Lösung

Because SharePlex is not impacted by CVE-2021-44228, no action is required.
Development team created a one-off for log4j Vulnerability and this will be included as part of SharePlex version 10.2 release. If one-off is required for older versions, please raise a request with support.
Please note that log4j is only used by SharePlex for JMS/MQ target.

Feedback übermittelt

Konnten Sie mithilfe dieses Artikels ein Problem lösen?

Bewertung auswählen

Empfohlener Inhalt

Produkt(e):: SharePlex
10.1.2, 10.1.1, 10.1, 9.2.10, 9.2.8, 9.2.7, 9.2.6, 9.2.5, 9.2.4, 9.2.3, 9.2.1, 9.2

Artikelhistorie:: Erstellt am: 12/13/2021
Letzte Aktualisierung am: 5/7/2023

Titel