Article - CS370109
Is Windchill PDMLink 11.2.1.16 impacted by CVE-2020-9488 or not
Modified: 07-Jun-2022
Applies To
- Windchill PDMLink 11.2.1.16
Description
- Is Windchill PDMLink 11.2.1.16 impacted by CVE-2020-9488 or not?
- Windchill PDMLink 11.2.1.16 uses log4j 1.2.
- According to https://logging.apache.org/log4j/1.2/, log4j 1.x is vulnerable for CVE-2020-9488. But since log4j 1.x is no longer maintained, the issue is not fixed in log4j 1.2.
This is a printer-friendly version of Article 370109 and may be out of date. For the latest version click CS370109