Is AD360 affected by CVE-2021-44228?

Is AD360 affected by CVE-2021-44228?

Is the latest version of AD360 vulnerable to the recent log4j vulnerability? Looking at the library files I can see the complete installation directory of AD360 does contain log4j files:

...C:\ManageEngine\ADAudit Plus\apps\dataengine-xnode\lib\log4j-core-2.10.0.jar
...C:\ManageEngine\ADManager Plus\ES\lib\log4j-core-2.11.1.jar

I really think that ManageEngine home page should direct us to a status page regarding this issue. Some of the systems are built around being public.

      New to ADSelfService Plus?


                  Related Products