Hi, I am using Solr 7.2.1 and our system detected it to be vulnerable. Here are the details.
Source: The Exploit-DB Reference:CVE-2021-44228 Description:Apache Log4j2 2.14.1 - Information Disclosure - The Exploit-DB Ref : 50590 Link:http://www.exploit-db.com/exploits/50590 Reference:CVE-2021-44228 Description:Apache Log4j 2 - Remote Code Execution (RCE) - The Exploit-DB Ref : 50592 Link:http://www.exploit-db.com/exploits/50592 Can someone please help me on how to remediate this? One of the solution provided as below https://solr.apache.org/security.html#apache-solr-affected-by-apache-log4j-cve-2021-44228I but it is for 7.4 or higher versions. I know one of the solutions is to upgrade it but we have tight dependency on this from Sitecore CMS. It would be very helpful if someone can provide any guidance. Thanks and Regards, Mohd Imadoddin This e-mail and any files transmitted with it are for the sole use of the intended recipient(s) and may contain confidential and privileged information. If you are not the intended recipient(s), please reply to the sender and destroy all copies of the original message. Any unauthorized review, use, disclosure, dissemination, forwarding, printing or copying of this email, and/or any action taken in reliance on the contents of this e-mail is strictly prohibited and may be unlawful. Where permitted by applicable law, this e-mail and other e-mail communications sent to and from Cognizant e-mail addresses may be monitored.
