Jaspersoft 7.9 log4j vulnerabilities CVE-2019-17571,CVE-2022-23302,CVE-2022-23305,CVE-2022-23307 CVE-2020-9488
search cancel

Jaspersoft 7.9 log4j vulnerabilities CVE-2019-17571,CVE-2022-23302,CVE-2022-23305,CVE-2022-23307 CVE-2020-9488

book

Article ID: 234720

calendar_today

Updated On:

Products

CA Service Desk Manager

Issue/Introduction

Do these vulnerabilities impact Jaspersoft 7.9 and if yes, how to address them?

Environment

Release : 17.3

Component : SDM - Reporting/BOXI/JasperSoft

Resolution

Jaspersoft 7.9 is not impacted by CVE-2019-17571,CVE-2022-23302,CVE-2022-23305,CVE-2022-23307. Please refer to 

https://www.tibco.com/support/notices/2021/12/apache-log4j-vulnerability-update

and CVE-2020-9488 does--Tibco recommended upgrade log4j to 2.17 to address this vulnerability. Detailed instruction can be found here

https://community.jaspersoft.com/wiki/apache-log4j-vulnerability-update-jaspersoft-products

Powered by Wolken Software