TIBCO Managed File Transfer Command Center/Internet Server 8.4.0 hotfix HF-001 is now available

TIBCO Managed File Transfer Command Center/Internet Server 8.4.0 hotfix HF-001 is now available

book

Article ID: KB0100966

calendar_today

Updated On:

Products Versions
TIBCO Managed File Transfer Command Center 8.4.0

Description

This hotfix is cumulative. This is the first hotfix for TIBCO Managed File
Transfer (MFT) Command Center 8.4.0 and TIBCO Managed File Transfer (MFT)
Internet Server 8.4.0.

The hotfix addresses the following Apache Log4J vulnerabilities - CVE-2021-44228 and CVE-2021-45046 by upgrading to log4j-2.16.0.

Issue/Introduction

TIBCO Managed File Transfer Command Center/Internet Server 8.4.0 hotfix HF-001 is now available. The hotfix addresses the following Apache Log4J vulnerabilities - CVE-2021-44228 and CVE-2021-45046

Environment

All supported environments

Resolution

Hotfix TIB_mftccis_8.4.0_HF-001 can be downloaded from TIBCO Support Portal (https://support.tibco.com).  

You will need to provide your TIBCO Support Portal credentials.  Once logged in you can download the hotfix by selecting the “Downloads” -> “Hotfixes” option. Then go to “/AvailableDownloads/MFT/CommandCenter-InternetServer/8.4.0/” to download the hotfix.

The .zip file has the Readme file inside. Please unzip the file and review the Readme file for instructions on how to apply the hotfix.

================================================================================
Closed Issues in 8.4.0_HF-001 (This Release)

MFCC-6513
Log4j is upgraded to log4j-2.16.0.

================================================================================

Additional Information

Apache Log4J Vulnerability Update MFT Command Center and Internet Server - ​Mitigation for CVE-2021-44228, CVE-2021-45046, CVE-2021-45105
Powered by Wolken Software