Forum Discussion

mikegonzo's avatar
mikegonzo
New Contributor
3 years ago

ReadyAPI-3.3.1 log4j vulnerable?

Hello, I am wanting to know if the ReadyAPI-3.3.1 app is vulnerable to the log4j vulnerability? I see that it uses the log4j-core-2.11.jar file. C:\Program Files\SmartBear\ReadyAPI-3.3.1\lib\log4j-...
  • D0UG's avatar
    3 years ago

    Hi mikegonzo,

     

    SmartBear is aware of the recently disclosed security issue affecting the open-source Apache “Log4j2” utility (CVE-2021-44228). The Security team is actively working to mitigate our exposure and continue to provide enhanced monitoring of our platforms to safeguard information. Resources potentially affected by this vulnerability have been identified and our Information Technology and Information Security teams are working closely together to remediate any potential exposure in our platforms and environment.

     

    Please check https://smartbear.com/security/cve-2021-44228/ for further updates.