Unanswered question

Is Neoload vulnerable for the current log4j CVE?

Is Neoload vulnerable for the current log4j vulnerability?

Robert B.

Robert B.

Level: 0

13 / 100
points

Answer count: 2 answers

Category: Installation / Licensing

Author name: Robert B.

Date: December 14, 2021

: over 2 years ago

Hits: viewed 399 times

question: q

Report

Answers

Nouredine A.

Nouredine A.

Level: 4

5000 / 5000
points

: Team

NeoLoad Web or the Neotys Team Server are not impacted by this vulnerability. Only NeoLoad versions from 7.9.xx-->7.11.xx are impacted.

New versions are already available which contains the log4j libraries 2.15 that resolves the issue. So if needed you can download the 7.9.2, 7.10.2 or 7.11.2 versions.

Author name: Nouredine A.

Date: December 14, 2021

: over 2 years ago

answer: a

Report

Edit
Delete

Markus T.

Markus T.

Level: 0

54 / 100
points

Yes.
Neoload7.11/lib/log4j-api-2.11.2.jar
Neoload7.11/lib/log4j-core-2.11.2.jar
Neoload7.11/lib/log4j-jul-2.11.2.jar
There is a new 7.11.2 version available that fixes the vulnerability.

Author name: Markus T.

Date: December 14, 2021

: over 2 years ago

answer: a

Report

Edit
Delete

Details

Topic: Installation / Licensing
This question has been answered but the author did not select a best answer.
2 answers

Actions

Report

Related questions

Will CVE-2021-45046 log4j 2.15 soon be fixed?

The latest versions including log4j fix version 7.11.2 contain log4j-core-2.15.0.jar. Apache advises tot upgrade to 2.16 because 2.15 contains CVE-2021-45046. Will Neoload...

Robert B.

Robert B.

Level

0

13 / 100

points

Answer count

1 answer

Category

General

Author name

Robert B.

Date

December 17, 2021

over 2 years ago

Hits

viewed 58 times

question

q
Nouredine A.

Nouredine A.

Level

4

5000 / 5000

points

Team
Based on the newly reported CVE-2021-45046, when severity goes over a CVSS score of 7, our development teams start building patches, but even though this new CVE has been...

Author name

Nouredine A.

Date

December 17, 2021

over 2 years ago

answer

a
Does anyone know what version of log4j Neoload 7.11 uses?

And if it is a version impacted by the latest log4j vulnerability, then does anyone know how to fix...

Ian M.

Ian M.

Level

0

31 / 100

points

Answer count

1 answer

Category

General

Author name

Ian M.

Date

December 13, 2021

over 2 years ago

Hits

viewed 178 times

question

q
Robin M.

Robin M.

Level

0

56 / 100

points
NeoLoad 7.11.1 uses log4j 2.11.2 so IT IS affected. There is a new 7.11.2 version available that fixes the vulnerability. You can check your NeoLoad installation by looking...

Author name

Robin M.

Date

December 14, 2021

over 2 years ago

answer

a

Activity on this question

Markus T.

Markus T.

Level

0

54 / 100

points

Markus answered
Nouredine A.

Nouredine A.

Level

4

5000 / 5000

points

Team

Nouredine answered
Robert B.

Robert B.

Level

0

13 / 100

points

Robert posted a new question