December 16, 2021
Tech Bulletin, Tech Docs
Salient Systems
#TB211201SU – Apache Log4j Vulnerability
On December 10, 2021, notice of a critical remote code vulnerability was published concerning the Apache Log4j library. Vulnerable versions include Apache Log4j2 2.0-beta9 through 2.12.1 and 2.13.0 through 2.15.0. The vulnerability is specific to log4j-core and does not extend to log4net, log4cxx, or other Apache Logging Services.