CVE-2021-45105: Is Service Operations Insight (SOI) affected by this log4j vulnerability?
search cancel

CVE-2021-45105: Is Service Operations Insight (SOI) affected by this log4j vulnerability?

book

Article ID: 231039

calendar_today

Updated On:

Products

CA Service Operations Insight (SOI)

Issue/Introduction

CVE-2021-45105 has come up on our security scans.

Is SOI 4.2 exposed to this vulnerability?

Environment

Release : 4.2

Component : Service Operations Insight (SOI) Manager

 

CA Help Desk Connector - Release : 1.1.1 and 1.2.0

Cause

The overall SOI product is not affected by this vulnerability.

CA Help Desk Connector - Release : 1.1.1 and 1.2.0 Is exposed

Resolution

CA Help Desk Connector 1.2.1 Released with Log4j-2.17.0 upgrade.

This remediates CVE-2021-45105.

Please upgrade your CA Help Desk Connector.

  SOI Connector Downloads

 Please note: make sure all other components of SOI are at supported versions.

  https://techdocs.broadcom.com/us/en/ca-enterprise-software/it-operations-management/service-operations-insight-connectors/connectors/ca-soi-connectors-compatibility-matrix.html

Additional Information

CVE-2021-44228 - CVE-2021-45046: Is Service Operations Insight (SOI) affected by the Remote code injection in log4j vulnerability?

https://knowledge.broadcom.com/external/article/230292/

CVE-2019-17571 - Is Service Operations Insight (SOI) affected by this vulnerability?

https://knowledge.broadcom.com/external/article/230849/