Hello, Just replace the log4j2 libraries by latest version. See: https://www.ubik-ingenierie.com/blog/jmeter-log4j-vulnerability/
Regards On Mon, Dec 20, 2021 at 10:07 PM Warner - OIT, Kennon < kennon.war...@state.co.us> wrote: > To Whom It May Concern, > > Are there any remediation steps documented we could follow to address this > issue? We don't really have the ability to upgrade to the latest version of > jmeter 5x. > > Thanks > > -- > > *Kennon Warner* > > *Senior Manager - **Customer Applications - Labor* > > > > P: 303.318.8346 | C: 720.347.7701 > > Gvoice: 720.773.0839 > > 633 17th Street, Ste 800, Denver, CO 80202 < > https://goo.gl/maps/afc8bkLcadt> > > kennon.war...@state.co.us | www.colorado.gov/oit > > > > How am I doing? Please contact my director Robert Belton > <robert.bel...@state.co.us>, at robert.bel...@state.co.us for comments or > questions. > > > CONFIDENTIALITY: This electronic mail transmission (including any > attachments) may contain confidential or legally privileged information, > intended only for the person(s) named. Any use, distribution, copying, or > disclosure by another person is strictly prohibited. > -- Cordialement. Philippe Mouawad.