[
https://issues.apache.org/jira/browse/LOG4J2-3269?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17463296#comment-17463296
]
Gary D. Gregory commented on LOG4J2-3269:
-----------------------------------------
Search for files that start with "log4j-" and have the ".jar" extension.
If you suspect some jar files are shadded or uber jars then you will need to
search inside those jar files (which are in fact zip files) for Log4j class
files.
If you have war files, you should look inside those files (also a zip file) for
log4j files.
> Method To Find Log4j Version on Windows Servers
> -----------------------------------------------
>
> Key: LOG4J2-3269
> URL: https://issues.apache.org/jira/browse/LOG4J2-3269
> Project: Log4j 2
> Issue Type: Question
> Components: Log4j-Audit
> Affects Versions: 2.14.1
> Reporter: Ciaran Byrne
> Priority: Major
> Fix For: 2.14.1
>
>
> Is there a quick way to find the log4j version that's installed on Windows
> servers (we're trying to discover which servers are at risk from the recent
> vulnerability)? We're currently trying to find a sure-fire way find this out
> and have so far drawn a blank. Any ideas?
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
