Top > User Support > Vulnerability (CVE-2021-44228) in [Apache Log4j]
Vulnerability (CVE-2021-44228) in [Apache Log4j] of our products
The following products handled by our company do not use [Apache Log4j] except for the license management system.
You can use the products safely.
・CoverageMaster winAMS
・CasePlayer2
・SharedVariableChecker2
・MC-Verifier
・PROMPT
・Safilia
・Seculia
・QTE(Quality Town for Embedded Grade)
You can use the products safely.
・CoverageMaster winAMS
・CasePlayer2
・SharedVariableChecker2
・MC-Verifier
・PROMPT
・Safilia
・Seculia
・QTE(Quality Town for Embedded Grade)
Impact on license management software for Windows products
The corresponding file exists in the license server manager for
Windows products.
[Apache Log4j] in the License Server Manager is used only when using
the "lmadmin Alerter Service" feature.
The function of "lmadmin Alerter Service" is not used when using
the function of our license server.Therefore, [Apache Log4j] exists
as a file, but it is not affected by the vulnerability.
Even if no measures are taken, it is not affected by the vulnerability.
If you want to take measures against the existence of the corresponding
file, overwrite the following file with the latest version of log4j file.
https://logging.apache.org/log4j/2.x/download.html
log4j-1.2-api-2.13.3.jar
log4j-api-2.13.3.jar
log4j-core-2.13.3.jar
In addition, If you are installing with the default settings,
the location directory will be as follows.
C:\Program Files\FlexNet Publisher License Server Manager\examples\alerter\lib
In addition, The following is an article published by Revenera,
the developer of this license manager.
https://community.flexera.com/t5/FlexNet-Publisher-Knowledge-Base/CVE-2021-44228-Log4j-vulnerability-impact-on-FlexNet-Publisher/ta-p/217384
Windows products.
[Apache Log4j] in the License Server Manager is used only when using
the "lmadmin Alerter Service" feature.
The function of "lmadmin Alerter Service" is not used when using
the function of our license server.Therefore, [Apache Log4j] exists
as a file, but it is not affected by the vulnerability.
Even if no measures are taken, it is not affected by the vulnerability.
If you want to take measures against the existence of the corresponding
file, overwrite the following file with the latest version of log4j file.
https://logging.apache.org/log4j/2.x/download.html
log4j-1.2-api-2.13.3.jar
log4j-api-2.13.3.jar
log4j-core-2.13.3.jar
In addition, If you are installing with the default settings,
the location directory will be as follows.
C:\Program Files\FlexNet Publisher License Server Manager\examples\alerter\lib
In addition, The following is an article published by Revenera,
the developer of this license manager.
https://community.flexera.com/t5/FlexNet-Publisher-Knowledge-Base/CVE-2021-44228-Log4j-vulnerability-impact-on-FlexNet-Publisher/ta-p/217384