Marcia Williams created LOG4NET-679:
---------------------------------------
Summary: Many systems receiving vulnerability notice for
log4net.dll for multiple applications.
Key: LOG4NET-679
URL: https://issues.apache.org/jira/browse/LOG4NET-679
Project: Log4net
Issue Type: Bug
Affects Versions: 2.0.8, 1.2.10
Environment: Windows 10
Reporter: Marcia Williams
Attachments: apache log4net.dll_Dameware Vuln_22nov21.PNG, apache
log4net.dll_Dell Vuln_22nov21.PNG
We have hundreds of computers that are flagging {color:#de350b}Apache
log4net.dll {color}as a CRITICAL VULNERABILITY! ({*}CVE-2018-1285 for
log4net{*})
Because log4net is installed as part of many applications there is no
consistent version or application that is affected. It looks like anything that
uses *log4net.dll* is being flag with different versions of the .dll.
I have looked everywhere and can not figure out how to get a patch for this.
All assistance is appreciated as this is a CRITICAL level vulnerability.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
