I thought I read somewhere that older versions (i.e 1.x) did not have the vulnerability.
From: MIDRANGE-L <midrange-l-bounces@xxxxxxxxxxxxxxxxxx> On Behalf Of Andrew Lopez (SXS US)
Sent: Tuesday, December 14, 2021 7:23 AM
Subject: RE: Remote code execution exploit found in Log4j -
This was helpful:
I will note that if you follow those directions, you are scanning for version 2* of the software. That is not found on my V7R3 system, but version log4j-1.2.15.jar is. That is an out of date version, per Apache, and will not be addressed by them.
For those curious, I found it under /qibm/proddata/OS/WebServices/internal/engines/org.apache.axis2-15/WEB-INF/lib/log4j-1.2.15.jar.
Spirax-Sarco Engineering Plc. This e-mail has been scanned for viruses by Cisco Cloud Email Security.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2022 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.