A short update.
People that ran the program on their systems reported more products that
make use of log4j. Looks like it is quite a common issue in USS.
Lesson is that modernizing the mainframe, modernizes the vulnerabilities as
well.
ITschak.
ITschak Mugzach
*|** IronSphere Platform* *|*
We developed a check in our product, IronSphere to scan USS for log3j.jar
and jar files that include it. We found four log4j.jar files and four
product jars that use it.
We offer this program for free as a batch compiled rexx program (does not
require IronSphere server).
Once you have the list,