SAP Knowledge Base Article - Preview

3130943 - CVE-2021-44228 - AS Java Enterprise Portal Components' impact for Log4j vulnerability

Symptom

You are curious whether your SAP NetWeaver Enterprise Portal application is affected by ZeroDay security vulnerability in log4j library mentioned here.

  • Vulnerability CVE-2021-44228 for log4j
  • How does this impact SAP Netwever Application Server Enterprise Portal Application Components

log4j is an apache library used commonly in java applications.  This particular issue was identified in log4j2 and fixed in log4j2.15.0


Read more...

Environment

  • NetWeaver Application Server Java
  • Enterprise Portal

Product

SAP NetWeaver 7.3 ; SAP NetWeaver 7.4 ; SAP NetWeaver 7.5

Keywords

Zero Day, security vulnerability, org.apache.naming.factory.BeanFactory, BeanFactory, CVE-2021-44228, Logger.class, Log4J, Log4j2 , KBA , EP-PIN-PRT , Portal Runtime , BC-JAS-SEC , Security, User Management , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.