Skip to main content
assistive.skiplink.to.breadcrumbs
assistive.skiplink.to.header.menu
assistive.skiplink.to.action.menu
assistive.skiplink.to.quick.search

Search

Breadcrumbs

Page History

Versions Compared

Key

This line was added.
This line was removed.
Formatting was changed.

...

Timestamp	Description
2021 12 20 16:30 GMT+1	Added log4j version 2.17.0 for modeling and collaboration tools in Remediation.
2021 12 17 14:00 GMT+1	UpdatedRemediation options for modeling and collaboration tools.
2021 12 17 13:00 GMT+1	Updated log4j version from 2.15.0 to 2.16.0 for modeling and collaboration tools in Remediation.
2021 12 16 14:00 GMT+1	Added Cameo DataHub plugin to the list in Apache Log4j2 version 2.0-2.14.1 is a part of the following products, however it is not used for logging. No action to perform.
2021 12 16 14:00 GMT+1	Added information about FlexNet Publisher in Apache Log4j2 version 2.0-2.14.1 is a part of the following products. Action to perform.

...

For modeling tools (Magic Software Architect, Magic Cyber Systems Engineer, Magic Systems of Systems Architect , MagicDraw, Cameo Systems Modeler, Cameo Enterprise Architecture)

Download the latest log4j log4j 2.17.0 or 2.16.0 patched version from here.
Replace all log4j 2.x jar files with their respective equivalents from the downloaded version 2.16.0 zip file while keeping the original file name.

Example:

if found: log4j-core-2.1114.2.jar
then remove log4j-core-2.11.214.jar
copy log4j-core-2.1617.0.jar over to log4j-core-2.1114.2.jar
repeat for any other log4j 2.x file found.

You will need to apply this procedure for these files

log4j-1.2-api-2.**.jar
log4j-api-2.**.jar
log4j-core-2.**.jar
log4j-slf4j-impl-2.**.jar

See the detailed procedure to mitigate the risk concerning the CVE-2021-44228 vulnerability.

...

For collaboration tools (Magic Collaboration Studio, Cameo Collaborator for Teamwork Cloud, Teamwork Cloud)

Download the latest log4j log4j 2.17.0 or 2.16.0 patched version from here.
Replace all log4j 2.x jar files with their respective equivalents from the downloaded version 2.16.0 zip file while keeping the original file name.

...

if found: log4j-core-2.11.2.jar
then remove log4j-core-2.11.2.jar
copy log4j-core-2.1617.0.jar over to log4j-core-2.11.2.jar
repeat for any other log4j 2.x file found.

...

No Magic, Inc. Copyright © 1998 – 2024 No Magic, Incorporated, a Dassault Systèmes company – All Rights Reserved.