INDEX: Log4j vulnerability impact on FlexNet Operations

INDEX: Log4j vulnerability impact on FlexNet Operations

This article is an extension of the Log4j security advisory and serves to consolidate impact and mitigation details of related Log4j vulnerabilities with regards to FlexNet Publisher. 

FlexNet Operations Product Assessment:

Product CVE Potential Exposure Fixed Version Mitigation Resources
FlexNet Operations ALM CVE-2021-44228 Yes 2022.01

Upgraded to Log4j 2.17.0

  • Core module
  • Updates and Insights
  CVE-2021-45046 Yes 2022.02

To be upgraded to Log4j 2.17.1

  • Core module
  • Updates and Insights
  CVE-2021-45105 Yes 2022.02

To be upgraded to Log4j 2.17.1

  • Core module
  • Updates and Insights
  CVE-2021-44832 Yes 2022.01

Upgraded to Log4j 2.17.0

  • Core module
  • Updates and Insights

To be upgraded to Log4j 2.17.1 (2022.02)

  CVE-2021-4104 Yes 2022.02

To be upgraded to Log4j 2.17.1

  • LFS
  • UAS
  • CLS
  CVE-2019-17571 Yes 2022.02

To be upgraded to Log4j 2.17.1

  • LFS
  • UAS
  • CLS
FlexNet Operations LLM CVE-2021-44228 No N/A N/A
  CVE-2021-45046 No N/A N/A
  CVE-2021-45105 No N/A N/A
  CVE-2021-44832 No N/A N/A
  CVE-2021-4104 Yes 2022.02 To be upgraded to 2.17.1
  CVE-2019-17571 No N/A N/A
FlexNet Operations On-Premises CVE-2021-44228 Yes 2021 R1 Hotfix KB Article
  CVE-2021-45046 Yes 2021 R1 Hotfix KB Article
  CVE-2021-45105 Yes 2021 R1 Hotfix KB Article
  CVE-2021-44832 Yes Pending

To be upgraded to Log4j 2.17.1

  • Core module
  • Updates and Insights
  CVE-2021-4104 Yes Pending

To be upgraded to Log4j 2.17.1

  • LFS
  • UAS
  • CLS
  CVE-2019-17571 Yes Pending

To be upgraded to Log4j 2.17.1

  • LFS
  • UAS
  • CLS

 

Labels (2)
Was this article helpful? Yes No
No ratings
Version history
Last update:
‎Jan 14, 2022 12:02 PM
Updated by:
Contributors