Update on Micro Focus Response to “Log4j” Vulnerability

December 15, 2021 Updates: Micro Focus is taking immediate action regarding Common Vulnerabilities and Exposures CVE-2021-44228 and CVE-2021-45046. CVE-2021-44228 Micro Focus is aware of the…

Sean O'Brien profile picture

Sean O’Brien

December 15, 20212 minutes read

December 15, 2021 Updates:

Micro Focus is taking immediate action regarding Common Vulnerabilities and Exposures CVE-2021-44228 and CVE-2021-45046.

CVE-2021-44228

Micro Focus is aware of the new guidance from Apache on the Apache Log4j vulnerability described in CVE-2021-44228 relating to newly discovered attack vectors. We are evaluating the impact on each of Micro Focus’ products in both SaaS and on-premise deployment and updating our response to address these newly discovered attacks. We will be issuing updated security bulletins to our customers to ensure there are appropriate options for fully remediating this vulnerability. For on-premises deployment Micro Focus is issuing Security Bulletins on our product support portal with specific instructions on how to block the attack until the component is upgraded to the recommended current version.

CVE-2021-45046

A new zero-day vulnerability (CVE-2021-45046) Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern was reported for the Apache Log4j component on December 14, 2021. CVE-2021-45046 is a reported vulnerability in the Apache Log4j open source-component that allows a denial of service (DOS) attack and is Severity Level 3.7 out of 10. Micro Focus is taking immediate action to analyze, mitigate and remediate, as appropriate.

For more information and regular updates please visit our Security Updates page.

Share this post

Share this post to x. Share to linkedin. Mail to
Sean O'Brien avatar image

Sean O’Brien

See all posts

More from the author

Micro Focus Response on “Log4j” Vulnerability

Micro Focus Response on “Log4j” Vulnerability

Micro Focus is taking immediate action to analyze and to remediate, where appropriate, Common Vulnerabilities and Exposures (CVE-2021-44228 / Log4j also known as Logshell / Logjam),…

December 13, 2021 2 minutes read

Stay in the loop!

Get our most popular content delivered monthly to your inbox.