Copy link to clipboard
Copied
We've applied the Log4js mitigations outlied in https://helpx.adobe.com/coldfusion/kb/log4j-vulnerability-coldfusion.html and when Update 13 for Coldfusion 13 was available we applied it. I'm now getting warning of a vulnerability for log4j core 2.9.0 installed vi a the mitigation and advised to upgrade to 2.15 or later. Any guidance on either backing out or or upgrading the mitigaation installed via https://helpx.adobe.com/coldfusion/kb/log4j-vulnerability-coldfusion.html to prevent the new vulnerabilities?
Views
Translate
Report
@richardm66198703 , Why begin a new thread when there is already a Log4J thread on this very subject:
https://community.adobe.com/t5/coldfusion-discussions/zero-day-exploit-affecting-the-popular-apache-...
If I were you, I would move my question there.
Votes
never-displayed
1
Reply
AdChoices