log4j in ArcGIS License Manager?

378
4
12-15-2021 01:44 PM
Labels (1)
ChrisBarnett
New Contributor

Hello,

Does anyone know whether the ArcGIS License Manager is affected by the log4j2 exploit? I don't see it mentioned in any of the official communications.

thanks!

4 Replies
AaronVaughn1
New Contributor II

Yeah, I don't either, but I'm assuming you were including this latest blog article:

https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/arcgis-software-and-cve-2...

Nothing about license manager though. 

0 Kudos
ChrisBarnett
New Contributor

thanks, yes. I did look through that article.

MichaelVolz
Esteemed Contributor

ESRI provided remediation python 3 scripts.  One script identifies vulnerable files (list), so you could always run that script on your LM server.

0 Kudos
AaronVaughn1
New Contributor II

For anyone new to this, I have the technical article link where the python 3 script files can be downloaded with instructions: https://support.esri.com/en/Technical-Article/000026951

Totally new to anything sys admin within Enterprise, so not really savvy as to what some of these components do (JndiLookup.class ...) -- trying to learn as much as I can though.

0 Kudos