CVE-2021-4104 - log4j vulnerabilities and Dollar Universe
search cancel

CVE-2021-4104 - log4j vulnerabilities and Dollar Universe


Article ID: 246590


Updated On:


CA Automic Dollar Universe


Kindly help to check and assess if Dollar-U is impacted with below mentioned Log4j CVE's

CVE-2021-4104 is a high severity deserialization vulnerability in JMSAppender. JMSAppender uses JNDI in an unprotected manner allowing any application using the JMSAppender to be vulnerable if it is configured to reference an untrusted site or if the site referenced can be accesseed by the attacker. For example, the attacker can cause remote code execution by manipulating the data in the LDAP store.


Release : 6.x

Component : Dollar Universe


The reported vulnerability is related to JMS appender and it is not used in $U Product, henceforth $U is not impacted by the vulnerability.