Hi Team,
We’ve received a directive to check the effect of the security vulnerabilities applications that are hosting on Lucee:
→ CVE-2021-45046: CVE - CVE-2021-45046
→ CVE-2021-44228: CVE - CVE-2021-44228
Is there any impact to the Lucee that we are currently using? if yes, please suggest the mitigation steps.
Are there any process to identify whether we have impacted?
Thanks for the quick response.
Yes Zackster i have looked into those posts. From that i understand there is no impact with cve-2021-44228 as lucee is using log4j-12.17. Correct me if i understand differently.
But i didn’t find any article/post on cve-2021-45046. The organisation need a verdict from the Lucee side to believe that there is no impact with both cve-2021-44228, cve-2021-45046.
Hope you got me.