Expand my Community achievements bar.

Mark Solution

This conversation has been locked due to inactivity. Please create a new post.

SOLVED

AEM forms log4j vulnerable

Avatar

Level 1
Level 1
12/15/21 5:31:41 AM

We use AEM forms and we use only the rights management modules.

We would like to understand if we are vulnerable to the recent Log4j vulnerabilities, specifically CVE-2021-44228. If so, how do we mitigate?

Views

929

Replies

1
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Employee
Employee
12/15/21 5:35:11 AM

The impact of vulnerability CVE-2021-44228 reported in log4j2 versions 2.0-beta9 through 2.12.1 and 2.13.0 through 2.14.1 was analysed for AEM Forms and it was found to be impacted as it bundles different versions of log4j2 in different released versions.

The details of the analysis and impacted distributions together with mitigation steps to be performed are outlined at [1]. In case of any issues/questions/clarifications, you may contact us.

 


[1]: https://helpx.adobe.com/experience-manager/kb/aem-forms-vulnerability-cve-2021-44228.html?wcmmode=di...


Thanks,
Mayank

 

View solution in original post

Views

924

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
1 Reply

Avatar

Correct answer by
Employee
Employee
12/15/21 5:35:11 AM

The impact of vulnerability CVE-2021-44228 reported in log4j2 versions 2.0-beta9 through 2.12.1 and 2.13.0 through 2.14.1 was analysed for AEM Forms and it was found to be impacted as it bundles different versions of log4j2 in different released versions.

The details of the analysis and impacted distributions together with mitigation steps to be performed are outlined at [1]. In case of any issues/questions/clarifications, you may contact us.

 


[1]: https://helpx.adobe.com/experience-manager/kb/aem-forms-vulnerability-cve-2021-44228.html?wcmmode=di...


Thanks,
Mayank

 

Views

925

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
Related Conversations
Adaptive forms fail to load after upgrading to AEM 6.5.20 Solved

Views

41

Likes

0

Replies

1
Hidden components still taking up extra space [AEM form core component] Solved

Views

190

Likes

0

Replies

3
AEM Forms Core Components - AF Core bundle issue Solved

Views

919

Likes

0

Replies

18
It is showing msm api dependency missing while I am installing AEM Forms add ons package. Solved

Views

405

Like

1

Replies

6
Automated Forms Conversion service (AFCS) going to generate Adative form with core components Solved

Views

224

Likes

0

Replies

2