CVE-2021-45105: Is Spectrum affected?
search cancel

CVE-2021-45105: Is Spectrum affected?

book

Article ID: 231146

calendar_today

Updated On:

Products

CA Spectrum

Issue/Introduction

Is Spectrum impacted with Vulnerability CVE-2021-45105?

Environment

Release : 10.4.x, 20.x, 21.x

Component : Spectrum OneClick

Cause

Vulnerability of log4j2.xml files

Resolution

This mentioned pattern context lookups ( $${ctx:loginId} ) does not exist in any of our log4j2.xml files of axis2, ca-nim-sm nor in webtomcat, therefore Spectrum is not affected by this vulnerability.

 

 

Additional Information

For further information regarding the main log4j vulnerability

 

https://knowledge.broadcom.com/external/article?articleId=230231

Powered by Wolken Software