Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

razzd31
razzd31
Offline

Badges

Badges
7

Accepted Solutions

Accepted Solutions
0

Likes Received

Likes Received
5

Posts

Posts
6

Discussions

Discussions
4

Questions

Questions
2

Ideas

Ideas
0

Blog Posts

Blog Posts
0
Top badges earned by razzd31
Customize the badges you want to showcase on your profile
Re: AEM FORMS JEE : Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228) - Adobe Experience Manager Forms 13-12-2021
Hi Mayank, Could you confirm that you have also looked in to AEM Forms on JEE ? Is it advisable to mitigate the impact with the use JVM parameters ?i.e, "‐Dlog4j2.formatMsgNoLookups=true"

Views

2.0K

Like

1

Replies

5
Re: Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228) - Adobe Experience Manager 13-12-2021
Good to have confirmation. We are in the same boat. Anyways I had already opened another thread so folks around here don't get confused. You can check this thread and comment on the thread so Adobe is aware. The response there also states that they are still investigating. https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager-forms/aem-forms-jee-apache-log4j-remote-code-execution-vulnerability/m-p/434348#M8119

Views

5.6K

Like

1

Replies

0
Re: Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228) - Adobe Experience Manager 13-12-2021
To be specific this version of AEM Forms JEE is not the standard offering. This is deployed on Jboss as WAR file and quite different from the AEM WCM.OSGI stack everyone here is aware of.This was a replacement of Livecycle application used to design and deploy Forms and not for designing websites i.e, its a forms management system not a web content management system.So I hope you understand AEM 6.5.x is not same as AEM Forms on JEE 6.5.x.If you are using the usual AEM OSGI WCM for designing webs...

Views

7.1K

Like

1

Replies

2
AEM FORMS JEE : Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228) - Adobe Experience Manager Forms 13-12-2021
Regarding the new Apache Log4j vulnerability as per (CVE-2021-44228)The AEM Forms on JEE 6.5.8 uses the log4j 2.10, 2.11.1 versions. These versions are affected by this vulnerability. Could anyone else using it please confirm the same. There may be a temporary workaround to add "‐Dlog4j2.formatMsgNoLookups=true" but not a complete fix. I have already opened a ticket on the Daycare site but haven't had any response yet.

Views

2.0K

Likes

0

Replies

7
Re: Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228) - Adobe Experience Manager 13-12-2021
The AEM Forms on JEE 6.5.8 uses the log4j 2.10, 2.11.1 versions. These versions are affected by this vulnerability. Could anyone else using it please confirm the same. There may be a temporary workaround to add "‐Dlog4j2.formatMsgNoLookups=true" but not a complete fix. I have already opened a ticket on the Daycare site but haven't had any response yet.

Views

20.8K

Like

1

Replies

4
Re: Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228) - Adobe Experience Manager 12-12-2021
The AEM Forms on JEE 6.5.8 uses the log4j 2.10, 2.11.1 versions. These versions are affected by this vulnerability. Could you please confirm the same. I have already opened a ticket on the Daycare site but haven't had any response yet.

Views

22.0K

Like

1

Replies

1
Likes from