Forum Discussion

New Contributor

9 months ago

log4j1.x vulnerability

Hello team, We use SOAP UI 5.1.13 version , it comes with log4j 1.x version, As this version of log4j is EOL can you please confirm what is the remediation procedure we need to follow. Thanks,

Humashankar
9 months ago
Hi ruchisingh

You are right, it is known to be vulnerable.

You can try the recommended option which is to upgrade SOAP UI to a version that uses Log4j 2.x or later. Newer versions of SoapUI are not vulnerable to the Log4j 1.x Exploit (CVE-2021-44228).

Hope this helps - Happy to help further!!
Thank you very much and have a great one!
Warm regards

Humashankar

Champion Level 3

9 months ago

Hi ruchisingh

You are right, it is known to be vulnerable.

You can try the recommended option which is to upgrade SOAP UI to a version that uses Log4j 2.x or later. Newer versions of SoapUI are not vulnerable to the Log4j 1.x Exploit (CVE-2021-44228).

Hope this helps - Happy to help further!!
Thank you very much and have a great one!
Warm regards

Recent Discussions

How do I change password and Username on every call in a Test Case in SoapUI?
Solved
11 hours ago
Gonzarelli
What is purpose if inspector pane in SoapUI?
15 hours ago
bgoldsto
Content-Length calculation wrong when posting UTF-8 content
12 days ago
smallfreak
Error exception in phase 'semantic analysis' with java 21
14 days ago
nttung
Generate positive long integer?
15 years ago
ikerstges

Forum Discussion

log4j1.x vulnerability

Related Content

log4j1.x vulnerability

Log4J vulnerability

SoapUI 5.5.0 Log4j vulnerability

Does SoapUI 5.6.0 has log4j vulnerability?

Log4j Vulnerability - Swagger

Recent Discussions

How do I change password and Username on every call in a Test Case in SoapUI?

What is purpose if inspector pane in SoapUI?

Content-Length calculation wrong when posting UTF-8 content

Error exception in phase 'semantic analysis' with java 21

Generate positive long integer?