The latest software scoop.

Siemens News & Software Announcements

This is the place for all things Siemens software news & updates can be found here.
Still got questions? Contact us anytime and one of our experts will be happy to help!

New Siemens Support Center
The newly launched tool offers a personalized Support experience, providing quick access to all the product resources customers need to maximize their product investment.

solid edge university, user group

Apache Log4j Vulnerability Impact on Solid Edge

SUMMARY
On 09-Dec-2021, a vulnerability in Apache Log4j (a logging tool used in many Java-based applications) was disclosed, that could allow remote unauthenticated attackers to execute code on vulnerable systems. The vulnerability is tracked as CVE-2021-44228 and is also known as "Log4Shell".

DETAILS
At this time, the impact on Solid Edge and its Portfolio suite of tools is limited to the Teamcenter Integration for Solid Edge Wiring & Harness Design and Solid Edge CAM Pro. The rest of our Solid Edge product suite remains unaffected. The following contains the vulnerable version (2.x.x) of Apache Log4j:Solid Edge Wiring Harness Design (SEWHD)- 2020 SP2002 or later- 2021 – all versions- 2022 – all versionsSolid Edge CAM Pro (SECP)- 2020 – all versions- 2021 – all versions- 2022 – all versionsNote: Older Log4j files (Log4j versions 1.x.x ) found within other Solid Edge add-on applications, such as Geolus, do not contain the vulnerable JndiLookup.class and therefore are unaffected by the vulnerability.  Workarounds and MitigationsThe Vulnerable Component, log4j-core.jar, is located at the following locations:SEWHD- <Install Drive>:\Program Files\Siemens\Solid Edge Wiring and Harness Design 2022\lib\teamcenter\extras\log4j-core.jarSECP 2020- <Install Drive>:\Program Files\Siemens\Solid Edge CAM Pro\UGMANAGER\soa\tc12000.4.0\log4j-core-2.13.0.jar contains Log4J-2.x- <Install Drive>:\Program Files\Siemens\Solid Edge CAM Pro\UGMANAGER\tccs\third_party\TcSS\TcSS12.4\jars\log4j-core-2.13.0.jarSECP 2021- <Install Drive>:\Program Files\Siemens\Solid Edge CAM Pro 1980\UGMANAGER\soa\tc13000.2.0\log4j-core-2.14.0.jar- <Install Drive>:\Program Files\Siemens\Solid Edge CAM Pro 1980\UGMANAGER\tccs\third_party\mld\tc13.1.0.0.2020062600\log4j-core-2.13.0.jar- <Install Drive>:\Program Files\Siemens\Solid Edge CAM Pro 1980\UGMANAGER\tccs\third_party\TcSS\TcSS13.1\jars\log4j-core-2.13.0.jarSECP 2022- <Install Drive>:\Program Files\Siemens\Solid Edge CAM Pro 2007\UGMANAGER\soa\tc13000.3.0\log4j-core-2.14.0.jar- <Install Drive>:\Program Files\Siemens\Solid Edge CAM Pro 2007\UGMANAGER\tccs\third_party\mld\tc13.2.0.0.2021012502\log4j-core-2.14.0.jar- <Install Drive>:\Program Files\Siemens\Solid Edge CAM Pro 2007\UGMANAGER\tccs\third_party\TcSS\TcSS13.2\jars\log4j-core-2.14.0.jarPlease apply the mitigation stated in the following Teamcenter Suite knowledgebase article. The steps involve removing a file from the above mentioned log4j-core.jar file whose functionality is unused (org/apache/logging/log4j/core/lookup/JndiLookup.class)https://support.sw.siemens.com/en-US/knowledge-base/PL8600700We are working with the Teamcenter product team to ensure we integrate the main fix as soon as it is qualified and made available.Please continue to watch this article for future updates

without
https://www.swooshtech.com/wp-content/themes/maple/
https://www.swooshtech.com/
#5a7c96
style1
paged
Loading posts...
/home/customer/www/swooshtech.com/public_html/
#
on
none
loading
#
Sort Gallery
on
yes
yes
off
off
on