Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

Adobe Summit 2023 [19th to 23rd March, Las Vegas and Virtual] | Complete AEM Session & Lab list
SOLVED

AEM forms log4j vulnerable

Avatar

Level 1

We use AEM forms and we use only the rights management modules.

We would like to understand if we are vulnerable to the recent Log4j vulnerabilities, specifically CVE-2021-44228. If so, how do we mitigate?

1 Accepted Solution

Avatar

Correct answer by
Employee

The impact of vulnerability CVE-2021-44228 reported in log4j2 versions 2.0-beta9 through 2.12.1 and 2.13.0 through 2.14.1 was analysed for AEM Forms and it was found to be impacted as it bundles different versions of log4j2 in different released versions.

The details of the analysis and impacted distributions together with mitigation steps to be performed are outlined at [1]. In case of any issues/questions/clarifications, you may contact us.

 


[1]: https://helpx.adobe.com/experience-manager/kb/aem-forms-vulnerability-cve-2021-44228.html?wcmmode=di...


Thanks,
Mayank

 

1 Reply

Avatar

Correct answer by
Employee

The impact of vulnerability CVE-2021-44228 reported in log4j2 versions 2.0-beta9 through 2.12.1 and 2.13.0 through 2.14.1 was analysed for AEM Forms and it was found to be impacted as it bundles different versions of log4j2 in different released versions.

The details of the analysis and impacted distributions together with mitigation steps to be performed are outlined at [1]. In case of any issues/questions/clarifications, you may contact us.

 


[1]: https://helpx.adobe.com/experience-manager/kb/aem-forms-vulnerability-cve-2021-44228.html?wcmmode=di...


Thanks,
Mayank