Message Image

Skip main navigation (Press Enter).

Other Rocket Products

View Only

Back to discussions

Expand all | Collapse all

Is WebConnect affected by the log4j2 Zero Day vulnerability?

Eric Carlson12-14-2021 11:43

Management is asking us to check all of our java-using applications if they are affected by the log4j2 ...

Vladimir Skobarev12-15-2021 14:58

Hi Eric, Our lab has carefully reviewed the code and determined that although the WUMA application uses ...

1. Is WebConnect affected by the log4j2 Zero Day vulnerability?

0 Like
Eric Carlson
Posted 12-14-2021 11:43

Reply Reply Privately
Management is asking us to check all of our java-using applications if they are affected by the log4j2 zero day vulnerability. Any information you can give me will be appreciated.

------------------------------
Eric Carlson
Product Manager
Kroger Co
Columbus OH US
------------------------------
2. RE: Is WebConnect affected by the log4j2 Zero Day vulnerability?

0 Like
ROCKETEER

Vladimir Skobarev
Posted 12-15-2021 14:58
Edited by Vladimir Skobarev 12-15-2021 14:59

Reply Reply Privately
Hi Eric,
Our lab has carefully reviewed the code and determined that although the WUMA application uses log4j-1.2.14.jar, the affected versions are 2.0<=Apache log4j2 <= 2.14.1.
I am glad to inform you that WebConnect is not impacted by the vulnerability!

------------------------------
Vladimir Skobarev
Manager Technical Support Engineering
Rocket Software
------------------------------

Original Message

Copyright 2022. All rights reserved.

Powered by Higher Logic