A good day to you. I wish to inquire if there is any concern from UiPath in regards to threat pose by the Apache Log4j vulnerability ( Recently uncovered software flaw ‘most critical vulnerability of the last decade’ | Software | The Guardian ). I know UiPath orchestrator runs on MS IIS and wanted to …

[image] Log4j critical vulnerability: CVE-2021-44228 Insights We have just posted an update! For all versions of Insights below 2021.10, please see UiPath Security Advisory CVE | UiPath . We have mitigation steps posted at UiPath Security Advisory CVE | UiPath . We appreciat…

Inquiry on UiPath's logging framework - concerns on Log4Shell vulnerability

Help Orchestrator

codemonkee (Tim) December 14, 2021, 3:52pm 7

Insights will have been affected.

More information
A zero-day exploit affecting the popular Apache Log4j utility (CVE-2021-44228) was made public on December 9, 2021 that results in remote code execution (RCE).

Affected versions:
Log4j versions 2.x prior to and including 2.14.1

According to the following post, UiPath is evaluating the impact

1 Like

Topic		Replies	Views
Log4j critical vulnerability: CVE-2021-44228 Insights completed , feedback , insights	24	8422	September 5, 2022
Log4j vulnerability CVE-2021-44832 on Orchestrator server Orchestrator orchestrator , question	1	892	April 29, 2022
Is there any relation with Log Message/Add Log Message and Log4j in UIPath Something Else feedback	1	1115	December 29, 2021
Impact Of The Following Vulnerabilities: CVE-2022-41903 And CVE-2022-23521 Knowledge Base orchestrator , 2022_4_0	0	207	August 8, 2023
Logs in UiPath Help	4	3111	April 12, 2019

Most Active Users - Yesterday
Anil_G
ashokkarale
Ajay_Mishra
Gautham_Pattabiraman
BHUSHAN_NAGAONKAR1
vrdabberu
ABHIMANYU_THITE1
lrtetala
samantha_shah
shyamala_shyamu
More details...

Inquiry on UiPath's logging framework - concerns on Log4Shell vulnerability

Related Topics