Is JBoss EAP 6.x/7.x impacted by log4j vulnerabilities CVE-2021-44228 or CVE-2021-4104?
Issue
- CVE-2021-44228 for log4j 2.x vulnerability
- CVE-2021-4104 for log4j 1.x vulnerability
- CVE-2021-45105 Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3)
Environment
- Red Hat JBoss Enterprise Application Platform (EAP)
- 6.x
- 7.x
- Log4j
- 2.0.0 < 2.15
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.