This documentation supports an earlier version of BMC Helix IT Service Management on-premises deployment.

To view the documentation for the latest version, select 21.3.06 from the Product version picker.

Fix available for Apache Log4j vulnerabilities CVE-2021-44228, CVE-2021-45046, and CVE-2021-45105

BMC Software is alerting users to the Apache Log4j vulnerabilities that require immediate attention in BMC Helix Innovation Suite on-premises version 21.05.02.

If you have any questions related to these vulnerabilities, contact Customer Support.

January 5, 2022

A zero-day exploit for the following vulnerabilities was publicly released:

  • CVE-2021-44228 (code named Log4Shell) on December 9, 2021

  • CVE-2021-45046 on December 14, 2021

  • CVE-2021-45105 on December 18, 2021

A detailed description of the vulnerability can be found here: Apache Log4j Security Vulnerabilities.

Please follow the BMC Security Advisory Note on BMC Community for continuous updates and details about this issue.

We recommend that you immediately apply the fix as described in this topic.

Issue

| Defect ID | CVSS v3 rating | Description |
|---|---|---|
| DRD21-14017 | 9.8 | Apache Log4j security vulnerabilities (CVE-2021-44228 and CVE-2021-45046) are identified in BMC Helix Innovation Suite. |

Resolution

You must upgrade to BMC Helix Innovation Suite version 21.3.02, which contains the fix for this vulnerability.



