Re: How to mitigate CVE-2021-45105

David Smiley Sun, 19 Dec 2021 13:24:59 -0800

Solr's default logging config isn't vulnerable:
https://solr.apache.org/security.html#apache-solr-affected-by-apache-log4j-cve-2021-44228
You'd have to go out of your way to configure logging to use such this
vulnerable mechanism, and that isn't likely for Solr users to do so.


~ David Smiley
Apache Lucene/Solr Search Developer
http://www.linkedin.com/in/davidwsmiley


On Sun, Dec 19, 2021 at 5:14 AM Kashif Mumtaz
<kashif.mum...@yahoo.com.invalid> wrote:

> Hi ,We are using Solr 7.7.3. How to apply fix for log4j third
> vulnerability  CVE-2021-45105 in Solr ?
> Regards,
>
>

Re: How to mitigate CVE-2021-45105

Reply via email to