Copy link to clipboard
Copied
Good Afternoon,
In regards to the log4j 1.2.15 JAR file found in "cfusion/lib" directory of ColdFusion2018. We have multiple instances running in multiple enclaves of in a government network, and this file is popping up as a CAT 1 vulnerability. This is an issue because they are saying the log4j-1.2.15 version is no longer supported by Apache. My SysAdmin team and Security team would like to know if there is a plan to resolve this issue and make sure Abode is aware.
Copy link to clipboard
Copied
If anyone should know, it would be the Adobe Product Security Incident Response Team. Follow the link and you will see their e-mail.
Copy link to clipboard
Copied
Hi @Jesse22753061316b ,
Any news from Adobe PSIRT?