Vendor Patch ExistsVendor Resources
| Resource | Link |
|---|---|
| Apache Solr Security | https://solr.apache.org/security.html#apache-solr-affected-by-apache-log4j-cve-2021-44228 |
Community Resources
| Resource | Link |
|---|---|
| source | https://solr.apache.org/security.html#apache-solr-affected-by-apache-log4j-cve-2021-44228 |
| Apache Solr 8.11.1 downloads | https://solr.apache.org/downloads.html |
Community Notes
| Source | Note |
|---|---|
| NCSC-NL | CVE-2021-4104: Not vuln ; CVE-2021-44228: Fix |
| NCSC-NL | Fixed in 8.11.1, Versions before 7.4 also vulnerable when using several configurations |
| CISAGov | Update to 8.11.1 or apply fixes as described in Solr security advisory |
| CISAGov | Last Update: 12/16/2021 |
Sources
| Date | Attribution | Description |
|---|---|---|
| 2021-12-27 15:29:04 | NCSC-NL | Updated vendorPatchExists. Updated community note. Updated community link source. Updated community note. |
| 2021-12-30 21:31:50 | CISAGov | Updated vendorPatchExists. Updated vendor link Apache Solr Security. Updated community link Apache Solr 8.11.1 downloads. Updated community note. Updated community note. |