AMQ 7 and Log4J vulnerability CVE-2021-44228
Issue
- What is the impact of
CVE-2021-44228
on AMQ 7 broker instances? When searching the whole AMQ 7, I found a log4j reference here:
$AMQ7_BROKER_HOME/bin/$BROKER_INSTANCE/tmp/webapps/jetty-localhost-8161-hawtio_war-_console-any-1234567890123456789/webapp/WEB-INF/lib/log4j-1.2.17.jar
Environment
- Red Hat AMQ (AMQ)
- 7.x
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.