This article explains how to nullify possible attacks via the Apache Log4j security vulnerabilities CVE-2021-44228, CVE-2021-45046, CVE-2021-45105 and CVE-2021-44832 described in Apache Log4j Security Vulnerabilities.
The following Tibco Spotfire products are affected by these Log4j vulnerabilities:
TIBCO Spotfire Server - 7.9 and higher
TIBCO Spotfire Statistics Services - 10.3.1 and higher
TIBCO Spotfire Service for Python - All
TIBCO Enterprise Runtime for R - Server Edition - All
This following document contains mitigation steps for Apache Log4J vulnerabilities (CVE-2021-44228, CVE-2021-45046, CVE-2021-45105 and CVE-2021-44832) in the TIBCO Spotfire product suite:
TIBCO Spotfire Mitigation for Log4Shell
Additional information regarding Tibco Spotfire products affected by Log4Shell vulnerabilities:
TIBCO Spotfire Mitigation for Apache Log4J Vulnerabilities (Log4Shell)