...
BugZero found this defect 70 days ago.
When you upgrade WSM to version 12.10.4, the Log4j library is kept and the PC might appear as vulnerable in security scans. While WSM uses a vulnerable version of Log4j (v1.2.8), it does not use any of the vulnerable modules and is not vulnerable to any exploits. WSM v12.10.4 replaces Log4j with Reload4j.
This workaround is for WSM-only and WSM with Management Server installations. New WSM v12.10.4 installations are not affected by this issue.

Before you begin, make sure that WSM tools such as Firebox System Manager, Policy Manager, Quick Setup Wizard, and WatchGuard Server Center are closed. These tools lock the "...\lib" directory when they are open.

To resolve this issue:

1. Go to the C:\Program Files (x86)\Common Files\WatchGuard\wsm11\lib directory.
2. Delete the log4j-1.2.8.jar file.
3. Rescan the PC.

Caution: For Management Server users that reinstall WSM instead of upgrading WSM, make sure you have a recent Management Server backup and keep configuration files during the uninstallation process.

For WSM v12.10.3 and lower, upgrade to WSM v12.10.4 and follow the workaround above.

For more information, go to this Log4j PSIRT advisory: https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2021-00003.
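The workaround above can be scripted so that the deletion is recorded and checked before the rescan. The following PowerShell is an added example, not WatchGuard's tooling: the function names are hypothetical, the path and file name are the ones given in the article, and it assumes an elevated prompt with all WSM tools closed.

```powershell
# Added example, not WatchGuard's tooling. Run from an elevated PowerShell prompt
# after closing all WSM tools. The path and file name come from the article.
$WgRoot = 'C:\Program Files (x86)\Common Files\WatchGuard'
$Jar    = Join-Path $WgRoot 'wsm11\lib\log4j-1.2.8.jar'

function Remove-LeftoverJar {
    [CmdletBinding(SupportsShouldProcess)]
    param([Parameter(Mandatory)][string]$Path)

    $result = [ordered]@{ Path = $Path; Sha256 = $null; Status = 'NotPresent'; Detail = $null }
    if (Test-Path -LiteralPath $Path -PathType Leaf) {
        # Hash first, so the change record can be tied to the scanner finding.
        $result.Sha256 = (Get-FileHash -LiteralPath $Path -Algorithm SHA256).Hash
        $result.Status = 'Skipped'
        if ($PSCmdlet.ShouldProcess($Path, 'Delete')) {
            try {
                # Fails if an open WSM tool still holds the lib directory,
                # or if the prompt is not elevated.
                Remove-Item -LiteralPath $Path -Force -ErrorAction Stop
                $result.Status = 'Removed'
            } catch {
                $result.Status = 'Failed'
                $result.Detail = $_.Exception.Message
            }
        }
    }
    [pscustomobject]$result
}

function Get-RemainingLog4jJar {
    param([Parameter(Mandatory)][string]$Root)
    # Any file listed here is a candidate for the same scanner finding.
    Get-ChildItem -LiteralPath $Root -Recurse -File -Filter 'log4j*.jar' -ErrorAction SilentlyContinue |
        Select-Object FullName, Length, LastWriteTime
}

Remove-LeftoverJar -Path $Jar        # add -WhatIf for a dry run
$left = @(Get-RemainingLog4jJar -Root $WgRoot)
if ($left.Count -eq 0) { 'No log4j*.jar left under the WatchGuard directory; rescan the PC.' }
else { $left | Format-Table -AutoSize }
```

A Status of Failed usually means a WSM tool is still open or the prompt is not elevated; close the tools and run it again before rescanning.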