This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Log4j vulnerability impact on FlexNet Connect

Log4j vulnerability impact on FlexNet Connect

Summary:

Several vulnerabilities have been reported in the Apache Log4j library. This article discusses the impact of the following vulnerabilities on FlexNet Connect:

Log4j 2.x:

  • CVE-2021-45105
  • CVE-2021-45046
  • CVE-2021-44228

Log4j 1.x:

  • CVE-2021-4104
  • CVE-2019-17571

Description:

The Log4j 2.x component is not used in FlexNet Connect Client or FlexNet Connect Back-Office 2017 R3, hence there is no impact from CVE-2021-45105, CVE-2021-45046, or CVE-2021-44228.    

There is no impact from CVE-2021-4104 or CVE-2019-17571 on FlexNet Connect Client or FlexNet Connect Back-Office 2017 R3 since the source code does not use any of the following:

  • SocketAppender
  • SocketServer class
  • SMTPAppender
  • JMSAppender

which are the cause of the Log4j 1.x vulnerabilities mentioned above.  

Resolution:

No resolution required.

Workaround:

No workaround required.

Additional Information:

 
 
Was this article helpful? Yes No
0 Kudos
No ratings
Version history
Last update:
‎Dec 28, 2021 01:14 PM
Updated by:
Revenera Community Admin Revenera Community Admin
Contributors