My Oracle Support Banner

E-TUX: Log4j Files installed V1.xx with the Latest Tuxedo 12.2.2.0 shows up on Security Scan (Doc ID 2846171.1)

Last updated on JULY 27, 2022

Applies to:

PeopleSoft Enterprise PT PeopleTools - Version 8.57 and later
Information in this document applies to any platform.

Goal

When scanning servers for vulnerabilities. The latest Tuxedo (12.2.2.0) is showing up in the scan as a vulnerability for the Log4j V1.  
bea\tuxedo\tuxedo12.2.2.0.0_VS2017\udataobj\salt\sca\tuscany\lib\log4j-1.2.12.jar and
\bea\tuxedo\tuxedo12.2.2.0.0_VS2017\udataobj\salt\sca\mdif\sync\log4j-1.2.8.jar

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Goal
Solution
References

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.