View Only
  • 1.  Log4j vulenrability in pentaho

    Posted 01-05-2022 05:49

    Hi , we are using Pentaho 8.0 community version. we wanted to check the if "CVE-2021-45105" is impacting 8.0 version, we have followed below mitigation plan for other log4j vulnerabilities as pentaho support portal and removed JMSAppeneder file from the log4j jar file. we wanted to know if there is impact on CVE-2021-45105 on pentaho , if so what will be the mitigation plan?

    Thanks, Divya.

    Divya Joseph

  • 2.  RE: Log4j vulenrability in pentaho

    Posted 01-11-2022 20:09
    According to  log4j-1.x is not affected by the vulnerability.

    Andrew Cave
    Systems Engineer
    BizCubed Pty Ltd