Welcome to Headwind MDM Q&A, where you can ask questions and receive answers from other members of the community.

Please do not post bug reports, missing feature requests, or demo inquiries. If you have such an inquiry, submit a contact form.

0 votes
Hi,

You are using an old version of log4j (i know it's not concerned with this vulnerability). Is there a release planned for the 2.17 ?

Thx
by (130 points)

1 Answer

+1 vote
The vulnerability of the Log4j v2 can only be used to attack when a remote logging using JNDI interface is performed. Headwind MDM doesn't use JNDI, it writes logs to local text files only. So the known vulnerability can't be used to attack the Headwind MDM server.

Anyway, migration to a newer version of Log4J will be considered.
by (37.6k points)
...