This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

CVE-2021-45046: Log4j vulnerability impact on FlexNet Publisher?

CVE-2021-45046: Log4j vulnerability impact on FlexNet Publisher?

FNP is not vulnerable to log4j vulnerability (CVE-2021-45046), howeverIn FNP, log4j is packaged with an example runalerter script under the lmadmin kit.

Example script runalerter showcases sending the mails to a targeted audience in case of any alert on lmadmin side. log 4j is not tightly coupled with lmadmin. It is optional and independent of lmadmin.

The jar files are just part of the example section. The activity of upgrading the log4j to the latest version can be also be performed by the customer if required.

Note: All the vulnerable FNP versions (11.17.1) onwards have been pulled out of PLC.

Update: 16/Dec/2021:
Log4j version has been upgraded to 2.16.0 and an updated version of FNP 11.18.3.1 is now available in the Product and License Center.

Update: 24/Dec/2021:
Log4j version has been upgraded to 2.17.0 and an updated version of FNP 11.18.3.1 is now available in the Product and License Center.

Check CVE-2021-44228: Log4j vulnerability impact on FlexNet Publisher for more information about CVE-2021-44228

Labels (2)
Was this article helpful? Yes No
0 Kudos
No ratings
Version history
Last update:
‎Dec 27, 2021 12:00 AM
Updated by:
Revenera Moderator Revenera Moderator
Contributors