CVE-2021-4104 - Noob Needs Some Advice

Support for security such as Firewalls and securing linux
Post Reply
Posts: 5
Joined: 2022/08/18 17:05:38

CVE-2021-4104 - Noob Needs Some Advice

Post by shatnersbassoon » 2022/08/18 17:15:02

Hi Everyone, this is my first post so please go easy on me. I have tried to search for the above CVE but I dodn't have access to read the sole hit which was returned.

Anyway, I know there is log4j-1.2.17-17 which is more secure than the version I have here.


I also know that v1 has not been supported for some time.

But, is there a way I call tell if this specific jar needs either replacing with 1.2.17 or a v2?


The reason I ask is that this jar is in tmp which makes me think It could be deleted without impact? See, I told you I was a noob.

Thanks for any help.

User avatar
Site Admin
Posts: 32757
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: CVE-2021-4104 - Noob Needs Some Advice

Post by TrevorH » 2022/08/18 21:04:40

Judging by the path involved, that's part of jboss which is another Red Hat product.

The second link can be read if you sign up for a free Red Hat Developer Subscription. For more information on the free Red Hat Developer subscription please see ... available/ with instructions for renewal on ... scription/ and T&C on ... rise-linux#
CentOS 8 died a premature death at the end of 2021 - migrate to Rocky/Alma/OEL/Springdale ASAP.
Info for USB installs on
CentOS 5 and 6 are dead, do not use them.
Use the FAQ Luke

Post Reply