Mar 21, 2022
03:28 PM
1 Kudo
I came back to this thread to check about: CVE-2021-44832 (this is a NEW vulnerability) I have been notified by my internal IT Security that the impacted file versions listed in the CVE exist on the UI servers in my environment. We just updated to 5.5.50 on 3/18/2022 and the version impacted is still showing three files: log4j-1.2-api-2.17.0.jar log4j-api-2.17.0.jar log4j-core-2.17.0.jar at the following path: Program Files\BDNA\User Console\Solution\system\kettle\plugins\elasticsearch-bulk-insert-plugin\lib At what point whould we expect a patch that will remediate this to the recommended version of 2.17.1? Or is the expected remediation to manually replace these files on the server vs. through console version update/patching?
... View more
Dec 29, 2021
07:45 AM
4 Kudos
Do we have an ETA on a patch for Data Platform and Technopedia for Potential Exposure to CVE-2021-4104? My security department is riding me pretty hard about this.
... View more
Latest posts by lkwinchester
Subject | Views | Posted |
---|---|---|
1046 | Mar 21, 2022 03:28 PM | |
9151 | Dec 29, 2021 07:45 AM |
Activity Feed
- Posted Re: Identifying Apache Log4j JNDI Vulnerability “Log4Shell” and Variants (CVE-2021-44228, CVE-2021-45046, CVE-2021-45105, CVE-2021-4104) on Data Platform Release Blog. Mar 21, 2022 03:28 PM
- Got a Kudo for Re: Identifying Apache Log4j JNDI Vulnerability “Log4Shell” and Variants (CVE-2021-44228, CVE-2021-45046, CVE-2021-45105, CVE-2021-4104). Mar 21, 2022 03:28 PM
- Got a Kudo for Re: Flexera’s response to Apache Log4j remote code execution vulnerability CVE-2021-4104, CVE-2021-45046, CVE-2021-45105 and CVE-2021-44228. Jan 03, 2022 05:46 PM
- Got a Kudo for Re: Flexera’s response to Apache Log4j remote code execution vulnerability CVE-2021-4104, CVE-2021-45046, CVE-2021-45105 and CVE-2021-44228. Dec 29, 2021 07:53 AM
- Got a Kudo for Re: Flexera’s response to Apache Log4j remote code execution vulnerability CVE-2021-4104, CVE-2021-45046, CVE-2021-45105 and CVE-2021-44228. Dec 29, 2021 07:46 AM
- Got a Kudo for Re: Flexera’s response to Apache Log4j remote code execution vulnerability CVE-2021-4104, CVE-2021-45046, CVE-2021-45105 and CVE-2021-44228. Dec 29, 2021 07:46 AM
- Posted Re: Flexera’s response to Apache Log4j remote code execution vulnerability CVE-2021-4104, CVE-2021-45046, CVE-2021-45105 and CVE-2021-44228 on Community Notices. Dec 29, 2021 07:45 AM
- Kudoed Flexera’s response to Apache Log4j vulnerabilities CVE-2021-4104, CVE-2021-45046, CVE-2021-45105 and CVE-2021-44228 for dosborn. Dec 15, 2021 08:04 AM