Obsolete Apache Log4j 1.X detected in affwebservices in CA Access Gateway (SPS)
search cancel

Obsolete Apache Log4j 1.X detected in affwebservices in CA Access Gateway (SPS)

book

Article ID: 239905

calendar_today

Updated On:

Products

SITEMINDER CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign-On

Issue/Introduction

The log4j-1.2.17.jar file exists in affwebservices application of CA Access Gateway (SPS):

/{home_SPS}/Tomcat/webapps/affwebservices/WEB-INF/lib/log4j-1.2.17.jar
 
Log4j 1.x has reached End of Life in 2015 and is no longer supported (1)(2).

This file is reported as vulnerable.

Environment

CA Access Gateway (SPS)

Resolution

This file can be safely removed from the system without any impact to SiteMinder CA Access Gateway (SPS) or affwebservices.

Additional Information

Powered by Wolken Software