Hi Team, While checking for CVE-2021-44228, we noticed the presence of Log4j v1.2.17 packaged along with Tomcat. Log4j lists 1.x as unsupported. Is there any analysis or information available if this is vulnerable or exploitable?
Regards, Naresh
Hi Team, While checking for CVE-2021-44228, we noticed the presence of Log4j v1.2.17 packaged along with Tomcat. Log4j lists 1.x as unsupported. Is there any analysis or information available if this is vulnerable or exploitable?
Regards, Naresh