CMOD.wiki

Difference between revisions of "Apache Log4j & CMOD ODWEK ICN"

Apache Log4j & CMOD ODWEK ICN (view source)

Revision as of 22:02, 13 December 2021

191 bytes removed ,  22:02, 13 December 2021
m
Removed update at IBM's request.
m (Minor changes to explanation...)
m (Removed update at IBM's request.)
Line 3: Line 3:


This issue has been assigned the following designation:  CVE-2021-44228 and scores a 10 out of 10 on the Common Vulnerability Scoring System (CVSS)
This issue has been assigned the following designation:  CVE-2021-44228 and scores a 10 out of 10 on the Common Vulnerability Scoring System (CVSS)
'''UPDATE:''' IBM has responded to a customer ticket, stating that CMOD / ODWEK do not use the JNDI feature of log4j, and *should* not be vulnerable, but still advises customers to upgrade.


Follow the upgrade instructions here:  [[Apache_Log4j_%26_CMOD_ODWEK_ICN#Upgrading_log4j_v2.15.x|Upgrading log4j]]
Follow the upgrade instructions here:  [[Apache_Log4j_%26_CMOD_ODWEK_ICN#Upgrading_log4j_v2.15.x|Upgrading log4j]]
Retrieved from "https://CMOD.wiki/index.php?title=Special:MobileDiff/1043"