search cancel

Log4j vulnerabilities and ESP dSeries Workload Automation DE

book

Article ID: 239830

calendar_today

Updated On:

Products

CA Workload Automation DE - Business Agents (dSeries)

Issue/Introduction

Is ESP dSeries Workload Automation DE affected by the log4j vulnerabilities? 

 

Environment

Release : 12.1, 12.2, 12.3

Component : ESP dSeries Workload Automation DE

 

Resolution

Below is a list of Log4j vulnerabilities that have been reported to us. Please see their relevant KB Articles for more details. 

 

For Log4j 2.1x Vulnerability, CVE-2021-44228, please this KD:

 

Our development has confirmed that ESP dSeries Workload Automation DE is not affected by these Log4j 1.x Vulnerabilities.  

  • CVE-2021-4104
  • CVE-2019-17571
  • CVE-2022-23302
  • CVE-2022-23305
  • CVE-2022-23307

 

Additional Information

Please note that new vulnerability are being reported on daily basis.  There is no fix for any log4j 1.x version, as Apache has ended support for this version.