Steps to mitigate log4j in windows Adobe Experience Manager -Forms V 6.2 and 6.3 | Community
Skip to main content
E
Errol
New Participant
December 14, 2021
Solved

Steps to mitigate log4j in windows Adobe Experience Manager -Forms V 6.2 and 6.3

  • December 14, 2021
  • 2 replies
  • 683 views

We have identified 2 instances of log4j-core-2.1.jar in a cache folder and also in jboss/standalone/tmp/vfs/deployment/ folder.

 

Is there any advice on Aems 6.2/6.3 on how to either update the log4j version or even remove the instances. Will there be a patch or hot fix release or instructions on how to rectify?

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.
Best answer by TarunKumar

HI @errol ,

All Log4j 1.x library are removed in the 6.5.14 release. You can try to install AEM 6.5.14.0 or a later release.
For details on it you can follow below KB where manual instruction is also listed:

https://helpx.adobe.com/experience-manager/kb/aem-forms-vulnerability-cve-2021-44228.html


Thanks
Tarun

2 replies

kautuk_sahni
kautuk_sahni
Employee
February 8, 2024

@errol Did you find the suggestions from users helpful? Please let us know if more information is required. Otherwise, please mark the answer as correct for posterity. If you have found out solution yourself, please share it with the community.

Kautuk Sahni
TarunKumar
TarunKumarAccepted solution
New Participant
February 7, 2024

HI @errol ,

All Log4j 1.x library are removed in the 6.5.14 release. You can try to install AEM 6.5.14.0 or a later release.
For details on it you can follow below KB where manual instruction is also listed:

https://helpx.adobe.com/experience-manager/kb/aem-forms-vulnerability-cve-2021-44228.html


Thanks
Tarun

    Terms & ConditionsAccessibility statement

    Loading footer...