| This post was kindly contributed by SAS Users - go there to comment and to read the full post. |
SAS is tracking and actively responding to the remote execution vulnerability known as “Log4Shell” (CVE-2021-44228). The vulnerability exists in some versions of the Apache Log4j Java logging library, and was initially disclosed on December 9, 2021.
See the SAS security bulletin about this vulnerability. The bulletin contains information about affected SAS software and services, as well as list of actions already taken by SAS. As new information and guidance becomes available, we will update this bulletin.
As a reminder, you can always find the latest security bulletins from SAS on our Support website.
Updates on the Apache Log4j CVE-2021-44228 vulnerability was published on SAS Users.
| This post was kindly contributed by SAS Users - go there to comment and to read the full post. |