Oracle Documaker Folder On WebLogic Server Security Vulnerability (Doc ID 2981417.1)

Last updated on OCTOBER 17, 2023

Applies to:

Oracle Documaker - Version 12.6.4 and later
Information in this document applies to any platform.

Goal

On : 12.6.4 version, Documaker Studio

WebLogic servers are patched up to the July 2023 Critical Patch Update (CPU), however security scans are still indicating the servers are running a version of Apache Log4j that is no longer supported.

It indicates that Log4j is in use, which has been out of support since October 2015. This is the jar file being flagged:

C:\Oracle\Middleware\user_projects\domains\idocumaker_domain\servers\dmkr_server\tmp_WL_user\DWSAL1\2j42aa\war\WEB-INF\lib\log4j-1.2.17-16.jar Installed version

Since this path is added during the Oracle Documaker installation, is the jar file still needed and can it be removed?

Solution

	To view full details, sign in with your My Oracle Support account.
	Don't have a My Oracle Support account? Click to get started!

In this Document

Goal

Solution

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.

Oracle Documaker Folder On WebLogic Server Security Vulnerability (Doc ID 2981417.1)

Applies to:

Goal

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!