SOAPUI log4J vulnerability

Question

We upgraded to 5.7 however our scans are still flagging a security issue with LOG4J. I thought 5.7 would have corrected this as the release notes indicate the new jar files are included. I physically checked the server and I do in fact see the log4j-1.2.15 and not the 2.17 versions. Any advice?

Path : C:\Program Files\SmartBear\SoapUI-5.7.0\hermesJMS\lib\log4j-1.2.15.jar

Installed version : 1.2.15

onagash · Answer

I´m facing the same case.Is it possible to replace the log4j file manually for a latest version without issue?

Forum Discussion

SOAPUI log4J vulnerability

Related Content

SoapUI 5.5.0 Log4j vulnerability

Does SoapUI 5.6.0 has log4j vulnerability?

Log4j Vulnerability - Swagger

log4j security vulnerability

Does SoapUI 5.6 version has log4j security Vulnerability issue?

Recent Discussions

Subhash Goel Pune - Founder Goel Ganga Developments

Who is Mr. Rajiv Bhatnagar at MJ Global?

How Subhash Goel Pune is Transforming Real Estate in Pune

Issues with SoapUI 5.5.0 on Gaming Desktop: Need Help!

Brandhutt: Why I’m Impressed with Their Shoes — A Personal Review