Message Image

Skip main navigation (Press Enter).

Release Notes and Announcements

View Only

Back to discussions

Expand all | Collapse all

Is on-prem Jama 8.62.3 vulnerable to log4j?

Jump to Best Answer

Scott Wilcock12-14-2021 15:49

Hi Team, I've seen Carly's post stating that updated versions of Jama are not vulnerable. Is 8.62.3 new ...

Carly Rossi12-15-2021 11:55Best Answer

Hi Scott, Great question, and thanks for posting. With regard to the CVE-2021-44228 vulnerability ...

1. Is on-prem Jama 8.62.3 vulnerable to log4j?

0 Like
Scott Wilcock
Posted 12-14-2021 15:49

Reply Reply Privately
Hi Team,
I've seen Carly's post stating that updated versions of Jama are not vulnerable.
Is 8.62.3 new enough that it's not vulnerable?
thanks,

Scott

------------------------------
Scott Wilcock
Invetech Pty Ltd
Mt Waverley VIC
+61421058085
------------------------------
2. RE: Is on-prem Jama 8.62.3 vulnerable to log4j?
Best Answer

2 Like
Carly Rossi
Posted 12-15-2021 11:55
Edited by Carly Rossi 12-15-2021 13:20

Reply Reply Privately
Hi Scott,

Great question, and thanks for posting. With regard to the CVE-2021-44228 vulnerability in Log4j, all supported versions (8.36 and later) of Jama Connect are not affected.

For any on-premises customers running a pre-8.36 version of Jama Connect, Jama's recommendation would be for them to work with their IT administration team to upgrade to a supported version.

Please let me know if you have any other questions here.

Best,
Carly
------------------------------------------------------------
Carly Rossi // she/her
Community Manager // Jama Software
------------------------------------------------------------

Original Message

Powered by Higher Logic