Community Tip - Need to share some code when posting a question or reply? Make sure to use the "Insert code sample" menu option. Learn more! X

Zero Day vulnerability in Java Log4j

svisveswaraiya
17-Peridot

Zero Day vulnerability in Java Log4j

Hi,

 

"Zero Day vulnerability in Java Log4j " will it give any impact in ThingWorx, is there any mitigation plan?

 

Thanks in advance,

Shalini V.

ACCEPTED SOLUTION

Accepted Solutions

@RosJir @svisveswaraiya @MikeFR 

 

The alert has been updated, refer this article for the log4j vulnerability fix in Thingworx Platform.

 

Regards,

Sachin Sharma

View solution in original post

5 REPLIES 5

@svisveswaraiya 

 

You can refer this alert posted on eSupport portal.

 

Regards,

Sachin Sharma

Hello,

 

Thingworx isn't on that list... is there additional advice?

 

Cordially,

Mike

@MikeFR 

 

That is the only alert you need to follow. Under the listed products there is a note, I have mentioned it here for your reference.

For products not listed above, we will provide recommended actions as they become available.  Please refer back to this alert for future updates.

 

Regards,

Sachin Sharma

Hello, 

we are running Thingworx9 in docker container and it looks like that one part of Thingworx is using affected libraries.

TA_9407455_0-1639487659254.png

Regards,

Rostislav Jirásek

@RosJir @svisveswaraiya @MikeFR 

 

The alert has been updated, refer this article for the log4j vulnerability fix in Thingworx Platform.

 

Regards,

Sachin Sharma

Announcements


Top Tags