12-16-2021 06:48 AM
CVE-2021-45046 was released Dec 14 regarding a denial of service vulnerability introduced in log4j 2.15.0. Is Hyland aware of this new vulnerability and, if so, what is the impact? log4j version 2.16.0 was put out to remediate this new issue. Also, the recommended actions for CVE-2021-44228 does not fix this new vulnerability.
Edited to add the link to CVE-2021-45046:
NVD - CVE-2021-45046 (nist.gov)
12-16-2021 11:07 AM
Hyland's post about this issue: CVE-2021-44228 related to Apache Log4j Security Advisory (hyland.com)
12-16-2021 11:29 AM
12-16-2021 03:09 PM
Julianne, Ryan is correct below. I am asking about the follow-up issue introduced because of CVE-2021-44228, not about that CVE itself.
Find what you came for
We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.