Solved! Go to Solution.
depends on what the firewall controls 🙂 But yes, in case the firewall only allows trusted users to access the UI, this will limit the risk to only the trusted users.
Hi, also a question about Log4j.
We upgraded to 10.2.5, the Mitigation say, not vulnerable, but we are forced to use 2.17.1
See CVE-2021-44852, will there be a next Update with 2.17 at least ?
And what about the Log4J Versions 1.2.x
I know the System is ok, only the Ui can be vulnarable, but why does McAfee leave such old Versions in their Applications ?