Copy link to clipboard
Copied
We've applied the Log4js mitigations outlied in https://helpx.adobe.com/coldfusion/kb/log4j-vulnerability-coldfusion.html and when Update 13 for Coldfusion 13 was available we applied it. I'm now getting warning of a vulnerability for log4j core 2.9.0 installed vi a the mitigation and advised to upgrade to 2.15 or later. Any guidance on either backing out or or upgrading the mitigaation installed via https://helpx.adobe.com/coldfusion/kb/log4j-vulnerability-coldfusion.html to prevent the new vulnerabilities?
Copy link to clipboard
Copied
@richardm66198703 , Why begin a new thread when there is already a Log4J thread on this very subject:
If I were you, I would move my question there.