Update on Micro Focus Response to “Log4j” Vulnerability

December 15, 2021 Updates: Micro Focus is taking immediate action regarding Common Vulnerabilities and Exposures CVE-2021-44228 and CVE-2021-45046. CVE-2021-44228 Micro Focus is aware of the…

OpenText profile picture
OpenText

December 15, 20212 minute read

December 15, 2021 Updates:

Micro Focus is taking immediate action regarding Common Vulnerabilities and Exposures CVE-2021-44228 and CVE-2021-45046.

CVE-2021-44228

Micro Focus is aware of the new guidance from Apache on the Apache Log4j vulnerability described in CVE-2021-44228 relating to newly discovered attack vectors. We are evaluating the impact on each of Micro Focus’ products in both SaaS and on-premise deployment and updating our response to address these newly discovered attacks. We will be issuing updated security bulletins to our customers to ensure there are appropriate options for fully remediating this vulnerability. For on-premises deployment Micro Focus is issuing Security Bulletins on our product support portal with specific instructions on how to block the attack until the component is upgraded to the recommended current version.

CVE-2021-45046

A new zero-day vulnerability (CVE-2021-45046) Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern was reported for the Apache Log4j component on December 14, 2021. CVE-2021-45046 is a reported vulnerability in the Apache Log4j open source-component that allows a denial of service (DOS) attack and is Severity Level 3.7 out of 10. Micro Focus is taking immediate action to analyze, mitigate and remediate, as appropriate.

For more information and regular updates please visit our Security Updates page.

Share this post

Share this post to x. Share to linkedin. Mail to
OpenText avatar image

OpenText

OpenText, The Information Company, enables organizations to gain insight through market-leading information management solutions, powered by OpenText Cloud Editions.

See all posts

More from the author

Three key aspects of being a threat hunter  

Three key aspects of being a threat hunter  

In today’s digital landscape, the role of a threat hunter has become indispensable. As cyber threats grow increasingly sophisticated, the need for professionals who can…

5 minute read

Fax and figures – automate your fax processes for maximum productivity

Fax and figures – automate your fax processes for maximum productivity

Manual fax processing isn’t scalable

4 minute read

Insights on AI and ISO 20022: OpenText helps shape the narrative at the Payments Canada Summit

Insights on AI and ISO 20022: OpenText helps shape the narrative at the Payments Canada Summit

The 2024 Payments Canada Summit recently concluded, bringing together industry leaders, innovators, and key stakeholders to discuss the most recent trends and insights in payments….

5 minute read

Stay in the loop!

Get our most popular content delivered monthly to your inbox.

Sign up