This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

CVE-2021-45046 caused by CVE-2021-44228 for log4j

Brian_Keller
Champ on-the-rise
Champ on-the-rise

‎12-16-2021 06:48 AM

CVE-2021-45046 was released Dec 14 regarding a denial of service vulnerability introduced in log4j 2.15.0. Is Hyland aware of this new vulnerability and, if so, what is the impact? log4j version 2.16.0 was put out to remediate this new issue. Also, the recommended actions for CVE-2021-44228 does not fix this new vulnerability.

 

Edited to add the link to CVE-2021-45046:
NVD - CVE-2021-45046 (nist.gov)

3 REPLIES 3

Julianne_Horner
Champ on-the-rise
Champ on-the-rise

‎12-16-2021 11:07 AM

Hyland's post about this issue: CVE-2021-44228 related to Apache Log4j Security Advisory (hyland.com)

0 Kudos

Ryan_Wakefield
World-Class Innovator
World-Class Innovator
In response to Julianne_Horner

‎12-16-2021 11:29 AM

@Julianne Horner , unfortunately that link is only for the CVE-2021-44228 vulnerability. Brian is asking about that CVE-2021-45046 vulnerability that came out as a result of them releasing the 2.15.0 version (which is supposedly fixed by upgrading to the 2.16.0 version of Log4j).

0 Kudos

Brian_Keller
Champ on-the-rise
Champ on-the-rise
In response to Julianne_Horner

‎12-16-2021 03:09 PM

Julianne, Ryan is correct below. I am asking about the follow-up issue introduced because of CVE-2021-44228, not about that CVE itself.

0 Kudos
Getting started

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2024 Khoros, LLC