SAP Knowledge Base Article - Preview

3548903 - CVE-2021-4104 & other log4j vulnerabilities - further information for BI Support Tool

Symptom

Further information on following log4j vulnerabilities if found in BI Platform Support Tool:

  • CVE-2021-4104 (JMSAppender.class -> SAP Note 2914574)
  • CVE-2019-17571 (SocketServer.class -> SAP Note 2914574)
  • CVE-2022-23302 (JMSSink.class -> SAP Note 2914574)
  • CVE-2022-23305 (JDBCAppender.class -> SAP Note 2914574)
  • CVE-2021-44832 (JDBCAppender.class -> SAP Note 2914574)
  • CVE-2022-23307 (Chainsaw -> SAP Note 2914574)
  • CVE-2020-9488 (SMTPAppender.class -> SAP Note 2914574)
  • CVE-2023-26464 (SocketAppender.class -> SAP Note 2914574)


Read more...

Environment

  • SAP BusinessObjects Business Intelligence platform 4.3
  • SAP BusinessObjects Business Intelligence platform 4.2
  • log4j

Product

SAP BusinessObjects Business Intelligence platform 4.2 ; SAP BusinessObjects Business Intelligence platform 4.3

Keywords

bipst, cve, vulnerability, BIPST, BIST , KBA , BI-BIP-ST , Support Tool , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.