Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
[jetty-dev] Jetty: Apache Log4j Tool : Zero Day in Ubiquitous Under Active Attack (CVE-2021-44228)
  • From: "Kumar, Amit (Noida)" <amit.kumar5@xxxxxxxxxx>
  • Date: Thu, 16 Dec 2021 06:57:04 +0000
  • Accept-language: en-US
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=fiserv.com; dmarc=pass action=none header.from=fiserv.com; dkim=pass header.d=fiserv.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=M9Gf/mUsT36ijjkI7+SxFFK1nvpk7JLIO9dZDWRoluU=; b=SguPw7cy3XySzGFYbxkZDUOsUlxbeprR/EE/cVf8DfvKQWDA49wv4AceYHRMZxUjZuNmAfatE37PqDNAh1xsnfzk7K5Arl7tXnWcma+QEAbywk4XuVQ5rKxEB8V/0Av5o/SIAICi0PZTKkmzHEXBMDrpH9/SmazJ9GazGJSqZ7Mpg85hYxT/sQYLOLiVl96LhLgyhyEYcWLx7IVoSyrM4yFE3LmT2+pkGGV4NkpiQzEA6Y0gYXZEO6HnPt80hLLcu5/NfT/ToucjpFhI9JXNaV1VaPZEGxNcV4IWfCxvJkjpO4aeiNl1JXuEO/hR+R7fQqr15w/Nzbtd2HAl50RYNA==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=iU3zc5Bs/UoUxq0oDD7WDBC+03TARTHEtjxbPiau62D6dygXCdVcmdNGoaI04WJ3Ihatu/VZeCTepI04BRWXr87uA6LzK7HUMVTIkxwohY0L0rjKmMwSwSo71nZm5MRodzeO1efLliWf7fER51pc1UP7p53doJgImwy5LR1vyNC2qbNcCRnc9qorxgSA6irjk1VbSotE4pjMeeXfS5SMGyH+WTklfn6CGnIETNTyU1yiSezNaDNKMzlsec05UrKooFUPkQItLEuWh8sEn9lJcp+C4nTRHwPfr7ZIo/C2N/UVNPNI46curH96roUQnueVJeMk05fLrcis4jMSL+rhhg==
  • Delivered-to: jetty-dev@xxxxxxxxxxx
  • List-archive: <https://www.eclipse.org/mailman/private/jetty-dev/>
  • List-help: <mailto:jetty-dev-request@eclipse.org?subject=help>
  • List-subscribe: <https://www.eclipse.org/mailman/listinfo/jetty-dev>, <mailto:jetty-dev-request@eclipse.org?subject=subscribe>
  • List-unsubscribe: <https://www.eclipse.org/mailman/options/jetty-dev>, <mailto:jetty-dev-request@eclipse.org?subject=unsubscribe>
  • Thread-index: AdfySWTUijkLM04bQce6GuoivvFcPgAAKmDg
  • Thread-topic: Jetty: Apache Log4j Tool : Zero Day in Ubiquitous Under Active Attack (CVE-2021-44228)

 

Hi Team,

 

We are using Below jar provided by you. We want to ensure and know if it is impacted by “Apache Log4j Tool : Zero Day in Ubiquitous Under Active Attack (CVE-2021-44228)”. If it’s impacted please let us know about the security recommendation. To know we are looking for following answer

 

Jars:

jetty-4.2.19 4.2.19

jetty-continuation-7.5.4.v20111024 7.5.4

jetty-http-7.5.4.v20111024 7.5.4

jetty-security-7.5.4.v20111024 7.5.4

jetty-util-7.5.4.v20111024 7.5.4

jetty-io-7.5.4.v20111024 7.5.4

jetty-server-7.5.4.v20111024 7.5.4

 

 

Are you using log4J?

If you are using log4j 1.x version, are you using JMSAppender class

if you are using log4j 2.x are , what is your security recommendation to fix the issue

 

 

Thanks and regards,

 

Amit Kumar

Tech Lead, Software Development Engineering

Financial & Risk Management Solutions

Mobile: +91-9990094588

Upcoming R&R:

Fiserv

Helping Small Businesses Get Back2Business
Fiserv | Join Our Team | Twitter | LinkedIn | Facebook
FORTUNE World's Most Admired Companies®
2014 | 2015 | 2016 | 2017 | 2018 | 2019 | 2020 | 2021

© 2021 Fiserv Inc. or its affiliates. Fiserv is a registered trademark of Fiserv Inc. Privacy Notice
© 2021 Fortune Media IP Limited. Used under license. 

 

Back to the top