App/Interface Name log4j file name CVE-2021-44832 CVE-2021-44228 CVE-2021-45056 Compiled fix available from TRAX?

3rd party AppServer

Wildfly 16.0.0.

log4j-jboss-logmanager-1.1.6.Final.jar

Manual upgrade recommended. Please note that Log4j 1.x has reached End of Life in 2015.

N/A

3rd party AppServer

Wildfly 22+

None in Prod on TRAXCloud

log4j-core-2.14.0.jar

Manual Upgrade required: Java 8 log4v2.17.1 Java 7 log4v2.12.4

N/A 

3rd party AppServer

JasperReports Server 7.5.x, 7.8.x, 7.9.x, 8.0.0

log4j-1.2.12.jar

log4j-core-2.13.3.jar

 Affected. Follow vendor Instructions

N/A

3rd party Application

Jaspersoft Studio Pro 7.3.x, 7.5.x, 7.8.x, 7.9.x, 8.0.0

log4j-core-2.8.2.jar

log4j-core-2.14.0.jar

 Affected. Follow vendor Instructions

N/A

Interface

WebModule-TraxInterface

log4j-1.3alpha-7.jar

Manual upgrade recommended. Please note that Log4j 1.x has reached End of Life in 2015. For Java 8 apply log4v2.17.1. For Java 7 apply log4v2.12.4

Pending

Interface

ApuAcarsReading | CrewAssignment | InventoryStock

log4j-1.2.17.jar

Manual upgrade recommended. Please note that Log4j 1.x has reached End of Life in 2015. For Java 8 apply log4v2.17.1. For Java 7 apply log4v2.12.4

Pending

Interface

EmployeeSchedule

log4j-core-2.4.1.jar

Manual Upgrade required: Java 8 apply log4v2.17.1. For Java 7 apply log4v2.12.4

Yes

Interface

TraxQRWMS-ServiceMaven

log4j-core-2.7.jar

Manual Upgrade required: Java 8 apply log4v2.17.1. For Java 7 apply log4v2.12.4

Yes

Interface

TraxGrails

log4j-1.2.17.jar

Manual upgrade recommended. Please note that Log4j 1.x has reached End of Life in 2015. For Java 8 apply log4v2.17.1. For Java 7 apply log4v2.12.4

Pending

Interface

Inventory

log4j-api-2.13.3.jar

log4j-to-slf4j.2.13.3.jar

Not Affected

Not Affected

Not Affected

Pending

Interface

Picklist

log4j-api-2.13.3.jar

log4j-to-slf4j.2.13.3.jar

Not Affected

Not Affected

Not Affected

Pending

Interface

ACARS Interface

log4j-api-2.12.1.jar

log4j-to-slf4j.2.12.1.jar

 Not Affected

Not Affected

Not Affected

Pending

WebApplication

TraxDocServices

log4j-core-2.11.1.jar Manual Upgrade required: Java 8 apply log4v2.17.1. For Java 7 apply log4v2.12.4 Yes

WebApplication

eMRO

log4j-1.2.17.jar

Manual upgrade recommended. Please note that Log4j 1.x has reached End of Life in 2015. For Java 8 apply log4v2.17.1. For Java 7 apply log4v2.12.4 Pending

WebApplication

TraxPrintServer

log4j-1.2.17.jar

Same as above

Pending

WebApplication

CertifyPDF

log4j-1.2.17.jar

Same as above Pending

WebApplication

emroPrintServer

log4j-1.2.17.jar

Same as above Pending

WebApplication

ePlanning

log4j-1.2.17.jar Same as above Pending

WebApplication

PlanningControl

log4j-1.2.16.jar 

log4j-1.2.17.jar

Same as above  Pending

WebApplication

eTechLogbook

log4j-1.2.17.jar

Same as above Pending

WebApplication

LineControl

log4j-1.2.16.jar

log4j-1.2.17.jar

Same as above Pending

WebApplication

ProductionControl

log4j-1.2.16.jar

log4j-1.2.17.jar

Same as above Pending

WebApplication

ShopControl

log4j-1.2.16.jar

log4j-1.2.17.jar

Same as above Pending

WebApplication

CustomerPortal

log4j-1.2.17.jar Same as above Pending

WebApplication

eContentCtl

(LeaseReturn)

log4j-1.2.16.jar

log4j-1.2.17.jar

Same as above Pending

WebApplication

VisualCheck

log4j-1.2.16.jar

log4j-1.2.17.jar

Same as above Pending

Application

AeroDox

log4j-1.2.17.jar

Same as above Pending

Application

eMobilityServices

log4j-1.2.17.jar

Same as above Pending

WebApplication

IOSMCServices

log4j-1.2.12.jar

Same as above Pending

WebApplication

IOSBusinessEAR

log4j-1.2.12.jar

Same as above Pending

WebApplication

IOSDataSyncEAR

log4j-1.2.12.jar

Same as above Pending

Application

IConnectorEAR

log4j-1.2.17.jar

Same as above Pending

Application

eZStockWF

log4j-1.2.17.jar

Same as above Pending