In case of the VDS/Eclipse and the customizing log4j config (external\log4j.properties in VDS home directory), it should be checked.Īdditional info on this topic – Log4j – Apache Log4j Security Vulnerabilities
IdM running on Oracle should be fine, based on the SAP note – 3130747 and the same for ASE (SAP note 3129897)ģ130747 – Oracle Security Alert for CVE-2021-44228 – Apache Log4j vulnerability – SAP ONE Support Launchpadģ129897 – CVE-2021-44228 – Log4j vulnerability – no impact on SAP Adaptive Server Enterprise (ASE) – SAP ONE Support Launchpadīased on the initial impression, SAP IdM is not using this library log4j version 2.