How to fix the log4j vulnerability for Endpoint management 14.0 ?
Article ID: 231210
Updated On:
Products
CA Privileged Identity Management Endpoint (PIM)
Issue/Introduction
I can see C:\jboss-4.2.3.GA\server\minimal\lib\log4j.jar file.
But, There is no guide about replace this file.
Isn't this file vulnerable?
Environment
Release : PIM 14.0
Component :
Cause
In technical documents we cannot see Endpoint Management
Resolution
development states :
log4j.jar is not vulnerable and hence we have not given any steps to upgrade it.
The impact is there on log4j 2.x onwards. Please refer to the below article from apache.
https://logging.apache.org/log4j/2.x/security.html
Feedback
Yes
No
Powered by
