Uploaded image for project: 'Red Hat Fuse'
  1. Red Hat Fuse
  2. ENTESB-18314

log4j 1.2.17 exists in system/io/hawt/irc-client-plugin/1.4.0.redhat-630396/irc-client-plugin-1.4.0.redhat-630396.war

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • Major
    • fuse-6.3-R20-GA
    • None
    • Camel
    • None
    • False
    • False
    • % %
    • Todo

    Description

      We did Tenable security scan of our product Fuse 6.3, and identified critical severity because of the presence of Log4j 1.2.17 inside irc-client-plugin-1.4.0.redhat-630396.war package

      Plugin Number - 156032
      Plugin Name - Apache Log4j Unsupported Version Detection
      Plugin Output:
      Path : $Fuse/system/io/hawt/irc-client-plugin/1.4.0.redhat-630396/irc-client-plugin-1.4.0.redhat-630396.war
      Installed version : 1.2.17

      Pls remove this plugin if not needed. 

      Attachments

        Activity

          People

            ggrzybek Grzegorz Grzybek
            rhn-support-xiwu Xiaohui Wu
            Tomas Veskrna Tomas Veskrna
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: