Log4j - CVE-2021-44228 Zero Day Vulnerability SOAP UI V5.6.0 or Lower
Hi, With SOAP UI V5.6.0 or lower, we found that under \\Smartbear\SoapUI-5.6.0\lib\ , we can find log4j-1.2.14.jar and we would like to know if this is something Smartbear is working to release a newer version of the tool which will utilize v2.15 log4j jar or remove the current version?
We see this in multiple scans on our computer and would like to be proactive on the approach.
however this doesn't provide much information on the standalone installation tool.
Thanks for you question. Yes, our development team is aware of this issue and we're currently working on fixing it. Very soon we will deliver a hot fix release and please trust me this is not the end. Very soon we will surprise you again 😉