Hi, our vulnerability detected the following files as vulnerable to the log4j CVE-2021-44228, what is the remediation per the vendor's instructions on how to address it?
The software installed is arcgis_server 10.6.1 (10.6.9270.0)
Thanks!
e:\arcgisportal\upgrade-backup\10.6.0\dsdata\elasticsearch_5.5.0\lib\log4j-core-2.8.2.jar |
c:\program files\arcgis\datastore\framework\runtime\elasticsearch\lib\log4j-core-2.8.2.jar |
| c:\program files\arcgis\server\framework\lib\shared\log4j-core-2.8.2.jar |
c:\program files\arcgis\datastore\framework\webapps\arcgis#datastoreadmin\web-inf\lib\log4j-core-2.8.2.jar |
