Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

As test shows, the CVE-2021-44228 vulnerability cannot be exploited in latest WCS build 5.2.1109

Under the hoods: why WCS is not vulnerable

WCS uses Apache log4j 1.2.17. This old version does not support JDNI feature which is added since log4j 2.0-beta9. Therefore, CVE-2021-44228 vulnerability cannot be exploited in WCS.