cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

SAP BusinessObjects BI 4.x : CVE-2021-44228

Is SAP BusinessObjects BI 4.x (4.1) impacted by apache log4j? If so, please release advisories for it

(2) Replies
raslam
By Level 7 Flexeran
Level 7 Flexeran

The SAP site is down now, and the Secunia Research team is waiting for this to function again. We will get back to you ASAP.

https://wiki.scn.sap.com/wiki/display/PSR/SAP+Security+Patch+Day+-+December+2021

raslam
By Level 7 Flexeran
Level 7 Flexeran

We can't handle the CVE-20211-44228 for SAP products as they have "hidden" their statement behind a login. We cannot tell what products are affected or what fixes they issued. If you are paid customer and have access to the below URL and pdf,  please share with us so that we can further look into this. 

https://support.sap.com/content/dam/support/en_us/library/ssp/my-support/trust-center/sap-tc-01-5025.pdf