My Oracle Support Banner

Mitigation Steps for 9.3.6 RUP18 (9.3.6.18) to Remove JNDI Lookup Path from Log4J Used with Agile (Doc ID 2906552.1)

Last updated on NOVEMBER 02, 2022

Applies to:

Oracle Agile PLM Framework - Version 9.3.6.0 and later
Information in this document applies to any platform.

Goal

Currently using Agile PLM (Product Lifecycle Management) 9.3.6 RUP18 that uses log4j 2.12.1.
To avoid the security issue CVE-2021-44228, can the mitigation step to remove JNDI lookup path applied instead of upgrading the log4j version to 2.17.1?
There is concern that custom PX (Process Extension) program using log4j may be impacted after upgrading the log4j.

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Goal
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.