Solved: log4j needs to be upgraded

SC_10008250 · ‎Jul 26, 2023

I am using Windchill PDMLink Release 10.1 and Datecode with CPS M030

An checked that there is log4j in the system that needs to be upgraded, but we cannot locate the log4j file

------------------------------------

Translated the text from simplified chinese to english using google translate by community moderation team

Subject: log4j需要升级

Body: 安检查到系统中有log4j需要升级，但是我们无法定位到log4j文件在哪

------------------------------------

avillanueva · ‎Jul 27, 2023

Looks like you are on an unsupported version of Windchill. 10.1 is rather old. @VladimirN pointed to article that shows 11.1 is Log4J 1.x so I would assume 10.1 is using the same version. Are you looking to patch the log4J vulnerability? Look here:

There are some manual steps you can do to mitigate the vulnerability but upgrading just that will not work. I had to recode a whole bunch of things when we transitioned to Log4J 2.x.

View solution in original post

VladimirN · ‎Jul 27, 2023

Take a look here:

"How to handle log4j2 upgrade on Windchill 12.0.2 for running workflows which uses log4j 1.2": https://www.ptc.com/en/support/article/CS348839
"What is the version that uses log4j in Windchill PDMLink": https://www.ptc.com/en/support/article/CS358667
"Updates for Log4j compatibility": https://www.ptc.com/en/support/article/CS358667https://support.ptc.com/help/windchill/r12.1.2.0/en/index.html#page/Windchill_Help_Center/WCUpgradeGuide/WCUpgrade_VerifyLog4jcompatibility.html

avillanueva · ‎Jul 27, 2023

Looks like you are on an unsupported version of Windchill. 10.1 is rather old. @VladimirN pointed to article that shows 11.1 is Log4J 1.x so I would assume 10.1 is using the same version. Are you looking to patch the log4J vulnerability? Look here:

There are some manual steps you can do to mitigate the vulnerability but upgrading just that will not work. I had to recode a whole bunch of things when we transitioned to Log4J 2.x.