Community

ArcGIS Enterprise Log4j Vulnerability (CVE-2021-44228) Patch or Mitigation?

47101
162
Jump to solution
12-11-2021 09:13 AM
Carl_Flint
by
New Contributor III
‎12-11-2021 09:13 AM

Good afternoon, is there any patches in the works or potential mitigation steps for the latest java log4j vulnerability (CVE-2021-44228)?  I know that GeoEvent server uses log4j and can assume some other enterprise server's or portal potentially do as well.  Any help would be appreciated in resolving this zero-day.

Thanks,

Carl Flint, GISP
162 Replies
Scott_Tansley
by MVP Regular Contributor
MVP Regular Contributor
‎01-25-2022 11:03 PM

Hey

the instructions with the script tel you to run it on the install folder AND the content folder.  Other ArcGIS components it’s just the install folders.  I’ve done it on multiple clients implementations.  No issues.  It does what it says on the tin.  🙂

Scott Tansley
https://www.linkedin.com/in/scotttansley/
0 Kudos
Ikebana
by
New Contributor II
‎01-25-2022 11:11 PM

Aha! I totally missed that :p. thanks!

0 Kudos
Scott_Tansley
by MVP Regular Contributor
MVP Regular Contributor
‎01-25-2022 11:14 PM

Truth be told, so did I the first time.  My pleasure.  🙂 

 

Scott Tansley
https://www.linkedin.com/in/scotttansley/
0 Kudos