Ops Center 12.4: log4j mitigation and solution for CVE-2021-44228
(Doc ID 2828286.1)
Last updated on OCTOBER 30, 2023
Applies to:
Enterprise Manager Ops Center - Version 12.4.0 and laterInformation in this document applies to any platform.
Purpose
The Apache Software Foundation has published a number of mitigation steps in response to the Log4j vulnerabilities CVE-2021-44228 and CVE-2021-45046. These mitigations are published at https://logging.apache.org/log4j/2.x/security.html.
The purpose of this document is to assist you in implementing the recommended Apache mitigations in Ops Center 12.4.
Please refer to the Apache Log4j 2 vulnerability described in this Security Alert for more details.
https://www.oracle.com/security-alerts/alert-cve-2021-44228.html
Please review this blog for additional information:
https://blogs.oracle.com/security/post/cve-2021-44228
The primary document for this vulnerability can be found here:
Impact of December 2021 Apache Log4j Vulnerabilities on Oracle Products and Services (CVE-2021-44228, CVE-2021-45046) (Doc ID 2827611.1)
This MOS Note will be updated to reflect the availability of patches from Oracle.
Oracle recommends that you apply all necessary patches as soon as they are available to permanently address these vulnerabilities.
Troubleshooting Steps
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
| Purpose |
| Troubleshooting Steps |
| References |