![]() I suspect this is not just a drag-and-drop operation, as I'm sure the flagged file gets called by the application somehow. The same site has a section of articles that seem to be geared towards how developers can use Apache2 (which seems to be what this file collection actually is) but I'm not a developer, just a systems manager. ![]() There's no installer, just a bunch of files. Unfortunately I don't know how to use it. It seems to be, specifically, the file log4j-1.2.17.jar that is implicated.Įvidently there is a version 2.17.1 available here: It causes two high-priority findings that I must get resolved. Notes: The current error page you are seeing can be replaced by a custom error page by modifying the "defaultRedirect" attribute of the application's configuration tag to point to a custom error page URL.My vulnerability scanner recently flagged an unsupported installation of Apache Log4j in a version of MS SQL we just recently deployed (SQL 2019). This tag should then have its "mode" attribute set to "Off". It could, however, be viewed by browsers running on the local server machine.ĭetails: To enable the details of this specific error message to be viewable on remote machines, please create a tag within a "web.config" configuration file located in the root directory of the current web application. The current custom error settings for this application prevent the details of the application error from being viewed remotely (for security reasons). ![]() Runtime Error Description: An application error occurred on the server. Runtime Error Server Error in '/' Application.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |