https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228
Is Appian affected by the log4j vulnerability CVE-2021-44228?
Discussion posts and replies are publicly visible
Please find this knowledge base article with the latest information on this vulnerability: community.appian.com/.../kb-2204-information-about-the-log4j2-security-vulnerability-cve-2021-44228
Hotfixes are available for self-managed customers with the latest updates to address this vulnerability.
Hello Peter Lewis,
after log4j upgrade, I am not able to see my logging coming through tomcat.log file.
Even though after changing my code as compatible to latest version of log4j 2.17, not working. Any advice on that ?
What do you mean when you say "changing my code as compatible to latest version" - did you install the hotfix or make the changes in a different way?
Nope, actually i have added updated library of log4j 2.17 in my customer plugin package which has bit different implementation then log4j 1.17.
example:
it has LogManager while initializing class instead of Logger
Sorry, unfortunately I don't know much about using log4j in plugins. Hopefully some other posters in the Community will have more context.