CVE-2020-9488 - log4j vulnerabilities and Dollar Universe
search cancel

CVE-2020-9488 - log4j vulnerabilities and Dollar Universe


Article ID: 246588


Updated On:


CA Automic Dollar Universe


Kindly help to check and assess if Dollar Universe is impacted with below mentioned Log4j CVE's

CVE-2020-9488 is a moderate severity issue with the SMTPAppender. Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack which could leak any log messages sent through that appender.


Release : 6.x

Component :Dollar Universe


The current vulnerability holds a severity rating low and is not reflected in our security scan as it is related to SMTP appender and it is not used in Dollar Universe Product, henceforth $U is not impacted by the vulnerability.