The hotfix addresses CVE-2021-44228 and CVE-2021-45046, remote code execution vulnerabilities in Apache Log4j.
See the attached files for instructions on how to install the hotfix.
Environment
The hotfix applies to TIBCO WebFOCUS Client and TIBCO WebFOCUS Installer 8207.28.05 on all supported platforms or TIBCO WebFOCUS Reporting Server and TIBCO Data Migrator 8207.28.05 on Windows and Linux 2.6, 3.10, and 4.18 kernel platforms.
Resolution
The hotfix can be downloaded from the TIBCO Support Customer Portal Web User Interface, using your username and password for the TIBCO Support Web.
Once logged in, select Hotfixes from the Downloads menu. Navigate to the hotfix location: AvailableDownloads/ibi/WebFOCUS/8207.28.04/HF-001. Then select the applicable product(s) and platform.