IHMC CmapTools & CmapServer Support Forum

Posted: **Wed Oct 11, 2023 10:43 am**

Good morning,

Enterprise vulnerability scans are identifying the Log4J instance on CmapTools to be vulnerable for two reasons:
Path: C:\Program Files\IHMC CmapTools\classes\log4j-1.2.12.jar

1. Apache considers 1.x to be end of life
2. Several CVEs apply to the version of log4j CmapTools uses - https://logging.apache.org/log4j/1.2/

Whether or not the listed CVEs are actually applicable to the instance of CmapTools, the industry I work in requires a response to software instances that are end of life. I see forum traffic from Dec 2021 where an update to Log4j was planned for CmapTools. Is that still in progress?

Thanks,

Posted: **Wed Oct 11, 2023 4:09 pm**

Hi,

We are beta testing the new version. Should be made public soon.

Posted: **Mon Nov 20, 2023 3:28 am**

cmapadmin wrote: ↑Wed Oct 11, 2023 4:09 pm Hi, fnf

We are beta testing the new version. Should be made public soon.

Great! Looking for the release asap.

Posted: **Tue Jan 02, 2024 11:52 pm**

Regarding your solution, I would want to know if the unique IDs in a CMAP-generated CXL file (1YWFHPDZM-1JRY4J2-BQ, etc.) have to be in a certain format or if any format would do as long as each instance is unique basket random Of course, I can test this myself, but I was hoping you would already be aware of the solution.

Posted: **Tue Jan 09, 2024 10:11 pm**

Looking for the release!
iq test

Posted: **Wed Mar 13, 2024 5:37 am**

Sure! I'm eager to see the release soon skibidi toilet game

IHMC CmapTools & CmapServer Support Forum

Updating Log4J Past 1.2?

Updating Log4J Past 1.2?

Re: Updating Log4J Past 1.2?

Re: Updating Log4J Past 1.2?

Re: Updating Log4J Past 1.2?

Re: Updating Log4J Past 1.2?

Re: Updating Log4J Past 1.2?