Customer Support​

 View Only

 Log4j vulnerability in pentaho

Divya Joseph's profile image
Divya Joseph posted 01-06-2022 05:29

Hi , we are using Pentaho 8.0 community version. we wanted to check the if "CVE-2021-45105" is impacting 8.0 version, we have followed below mitigation plan for other log4j vulnerabilities as pentaho support portal and removed JMSAppeneder file from the log4j jar file. https://support.pentaho.com/hc/en-us/articles/4416229254541-log4j-2-zero-day-vulnerability-No-impact-to-supported-versions-of-Pentaho- we wanted to know if there is impact on CVE-2021-45105 on pentaho , if so what will be the mitigation plan? Thanks, Divya.