A critical vulnerability within the Apache Log4j 2 Security Vulnerability CVE-2021-45046 and its impacts with Clarity, Jaspersoft, and ODATA (Clarity SaaS)
Not Impacted
- Clarity SaaS and Clarity On-Premise Customers are not affected by this vulnerability as Clarity is not impacted since all versions of Clarity are on Log4j 1.2.15 or older. CVE-2021-45046 reported vulnerability on Log 4j 2.0 to 2.16. Hence no remediation steps are needed for Clarity SaaS and Clarity On-Premise customers.
- Clarity SaaS ODATA service is also not impacted as it is using Apache Log4j 1.2.XX.
- Jaspersoft 7.1/7.1.3 is not impacted as these versions of Jaspersoft are on Log4j 1.2.XX.
Impacted
- Jaspersoft 7.8 is impacted