Skip to main content
assistive.skiplink.to.breadcrumbs
assistive.skiplink.to.header.menu
assistive.skiplink.to.action.menu
assistive.skiplink.to.quick.search

Search

Breadcrumbs

Page History

Versions Compared

Key

This line was added.
This line was removed.
Formatting was changed.

...

For modeling tools (Magic Software Architect, Magic Cyber Systems Engineer, Magic Systems of Systems Architect , MagicDraw, Cameo Systems Modeler, Cameo Enterprise Architecture)

Make sure application is not running
Download log4j v2Download log4j 2.16.0 (or 2.17.0) from here.
Replace all log4j 2.x jar files with their respective equivalents from the downloaded version zip file while keeping the original file name.

You need to replace these files

...

from apache website (link)
Search now for these jar files in installation base
- log4j-core-2.*.jar
- log4j-1.2-api-2.

...

- *.jar
- log4j-

...

- api-2.*

...

- .jar
- log4j-slf4j-impl-2.*

...

- .jar

Example:

...

Replace any match by the 2.16.0 (or 2.17.0) version. Make sure the original filename is unchanged. See example below.
The replacing and renaming operations must be performed for all jar files found from the list

Example - if you find log4j-core-2.11.

...

2.jar:

...

Remove log4j-core-2.11.

...

2.jar

...

Copy log4j-core-2.16.0.jar

...

to the same location
Rename log4j-core-2.16.

...

0.jar

...

to log4j-core-2.11.2.jar

See the detailed procedure to mitigate the risk concerning the CVE-2021-44228 vulnerability.

...

No Magic, Inc. Copyright © 1998 – 2024 No Magic, Incorporated, a Dassault Systèmes company – All Rights Reserved.