Author Message
mgafurshaik@avaya.com
Joined: Jan 7, 2021
Messages: 1
Offline
Below Jar files are being used in customer application from our Avaya Orchestration designer, Kindly suggest whether these JAR files are exposed to the vulnerability Log4j CVE-2021-44228 or not?

• Avaya orchestration versions details - 7.2.2.1004

scertcommon-07.22.10.04.jar
scert-07.22.10.04.jar
icclient-07.22.10.04.jar
WilsonYu
Joined: Nov 6, 2013
Messages: 3937
Offline
This vulnerability only affect log4j v2 not the original log4j v1 that OD is using. So it would not affect OD 7.x.
Also something to keep in mind that we are going to release OD 8.1.1 which will use the latest log4j v2.
Go to:   
Mobile view