Support Questions

Find answers, ask questions, and share your expertise

log4j2 failure (CVE-2021-44228) in cloudera



about log4j2 failure (CVE-2021-44228) in cloudera


there is the KB:


instructs to run the script to remove a class in the jar etc.


our doubt is, do we need to run this script in any version of CM / CDH or just the version from 6.x.x?


Previously asked and answered in this thread:

log4j2 vulnerability (CVE-2021-44228)



Bill Brooks, Community Moderator
Was your question answered? Make sure to mark the answer as the accepted solution.
If you find a reply useful, say thanks by clicking on the thumbs up button.

thank you @ask_bill_brooks 


I had seen this thread you passed, but it doesn't explicitly say which version of CM/CDH to run github's log4j script procedure.


but I will consider version 5.x and 6.x to run this script.