Return
-
Title
Apache Log4j 2 CVE-2021-45105 -
Description
Spotlight on SQL Server Enterprise Versions 13.1, 13.2, 13.2.1, 13.3.x, 13.4.x and 13.5.x are affected by CVE-2021-45105. -
Cause
https://nvd.nist.gov/vuln/detail/CVE-2021-45105 -
Resolution
Upgrade to Spotlight of SQL Server Enterprise versions 13.5.3, 13.4.3 or 13.3.2. Those versions of Spotlight on SQL Server Enterprise have upgraded log4j to version 2.17, which is not subject to the CVE-2021-45105 vulnerability.
All of the Spotlight on SQL Server Enterprise versions 13.5.3, 13.4.3 and 13.3.2 executables are available at the links below:
Spotlight on SQL Server version 13.5.3
https://support.quest.com/spotlight-on-sql-server-enterprise/13.5.3/download-new-releases
Spotlight on SQL Server version 13.4.3
https://support.quest.com/spotlight-on-sql-server-enterprise/13.4.3/download-new-releases
Spotlight on SQL Server version 13.3.2
https://support.quest.com/spotlight-on-sql-server-enterprise/13.3.2/download-new-releases