Skip to main content
J
Jesse22753061316b
Participant
January 20, 2022
Question

Log4j 1.2.15

  • January 20, 2022
  • 2 replies
  • 230 views

Good Afternoon,

 

In regards to the log4j 1.2.15 JAR file found in "cfusion/lib" directory of ColdFusion2018. We have multiple instances running in multiple enclaves of in a government network, and this file is popping up as a CAT 1 vulnerability. This is an issue because they are saying the log4j-1.2.15 version is no longer supported by Apache. My SysAdmin team and Security team would like to know if there is a plan to resolve this issue and make sure Abode is aware.

    This topic has been closed for replies.

    2 replies

    BKBK
    Community Expert
    BKBKCommunity Expert
    Community Expert
    January 30, 2022

    Hi @Jesse22753061316b ,

    Any news from Adobe PSIRT?

    BKBK
    Community Expert
    BKBKCommunity Expert
    Community Expert
    January 21, 2022

    If anyone should know, it would be the Adobe Product Security Incident Response Team. Follow the link and you will see their e-mail.

    Terms & ConditionsAccessibility statement
    Using the community Terms of use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices