Apache Log4j Security Alert CVE-2021-44228, CVE-2021-45046, and CVE-2021-45105 on Mechanical Computer-Aided Design (MCAD) Connectors for Agile Engineering Collaboration (EC) 3.6.3 or later (Doc ID 2829118.1)

Last updated on DECEMBER 01, 2024

Applies to:

Oracle Agile PLM MCAD Connector - Version 3.6 and later
Microsoft Windows x64 (64-bit)

Goal

This document provides mitigation steps to address the issues associated with CVE-2021-44228, CVE-2021-45046, and CVE-2021-45105 on affected XPLM MCAD connector versions integrated with Agile Product Lifecycle Management (PLM) systems.

Scope

This document applies to all versions of XPLM MCAD connectors for Agile EC version 3.6.3.0 and later.

Note: Log4j 2.14 is used for logging within the MCAD connector client since version 3.6.3.0, so the following mitigation should be used to remove the vulnerability.

Note: Oracle recommends making a backup of your current MCAD environment before executing this procedure.

Solution

	To view full details, sign in with your My Oracle Support account.
	Don't have a My Oracle Support account? Click to get started!

In this Document

Goal

Solution

References

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.

Apache Log4j Security Alert CVE-2021-44228, CVE-2021-45046, and CVE-2021-45105 on Mechanical Computer-Aided Design (MCAD) Connectors for Agile Engineering Collaboration (EC) 3.6.3 or later (Doc ID 2829118.1)

Applies to:

Goal

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!