/support/notes/service/sap_logo.png){kind=logo}
SAP Knowledge Base Article - PreviewSymptom
- Identify an open vulnerability in our SAP NLS product related to an outdated version of the log4j-core library. Details are as follows:
- Path: /usr/sap/SID/server/COCKPIT-4/common/lib/log4j-core-2.17.1.jar
Installed version: 2.17.1
- Path: /usr/sap/SID/server/COCKPIT-4/common/lib/log4j-core-2.17.1.jar
- Version of SAP IQ NLS this Log4j library versions will be updated to fixed version (2.25.3)?
- Official SAP documentation justification that lack of web access removes exploitability risk.
Read more...
Environment
- SAP IQ 16.1
- SAP IQ 16.2
- SAP IQ Cockpit
- log4j
Product
SAP IQ 16.1
Keywords
CVE-2025-68161, Cockpit, vulnerability , KBA , BC-SYB-IQ , Sybase IQ , Known Error
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.
/support/notes/service/twitter.svg)
/support/notes/service/youtube.svg)
/support/notes/service/linkedin.svg)
/support/notes/service/instagram2.svg)