SAP BO Version 4.2 SP 8 upgrade of log4J V1.2.15 to Log4J V2.17

Hi All ,

Currently we are on SAP Business Objects 4.2 SP8 contains the log4j-1.2.15.jar

As per our security team CVE-2021-4104 - JMSAppender class which is inside the log4j-1.2.15.jar file as vulnerability. They informed to upgrade the log4J.

Have checked the KBA : 3129956 and others there is no ref to upgrade of log4j.

Request your help, if anyone had upgraded log4j in SAP BO environment.

Regards,

Venkat