ADA cloud: important vulnerability issue

  1. /
  2. HPC Center news
  3. /
  4. ADA cloud: important vulnerability...

Dear CINECA cloud Users,
this is to inform you about an important vulnerability issue about log4j
If you are a system administrator of one or more VMs in our HPC cloud and if you are using:- Apache log4j2 version < 2.15.0 - JRE (java runtime environment) version < 8u121 - any message logger which uses sensitive information please check if this vulnerability concerns your VMs.In this case, please apply the following actions: - update Apache log4j2 to version >= 2.15.0- update JRE to version >= 8u121 – if the previous actions are not possible, set the System Property “-Dlog4j2.formatMsgNoLookups=true”
Best regards, HPC User Support @CINECA