log4j1.x vulnerability

Question

Hello team,We use SOAP UI &nbsp;5.1.13 version , it comes with log4j 1.x version, As this version of log4j is EOL can you please confirm what is the remediation procedure we need to follow.Thanks,

humashankar · Answer

Hi ruchisingh&nbsp;
You are right, it is known to be vulnerable.
You can try the recommended option which is to upgrade SOAP UI to a version that uses Log4j 2.x or later. Newer versions of SoapUI are not vulnerable to the Log4j 1.x Exploit (CVE-2021-44228).
Hope this helps - Happy to help further!!Thank you very much and have a great one!Warm regards
&nbsp;

Forum Discussion

log4j1.x vulnerability

Related Content

log4j1.x vulnerability

Log4J vulnerability

SoapUI 5.5.0 Log4j vulnerability

Does SoapUI 5.6.0 has log4j vulnerability?

Log4j Vulnerability - Swagger

Recent Discussions

I need help on code snippet to pass the value from groovy script to REST request payload

SoapUI Plugin Development still available?

SoapUI 5.7.2 stuck on splash screen

Issues with SoapUI 5.5.0 on Gaming Desktop: Need Help!

Weird SOAP UI issue on Window11