Hi Community,
I do not know this is the right place to ask, but.
Is the Microsoft-Power platform (Non-custom connectors, Canvas Apps, DAX etc?) vulnerable to this Log4j 2 Exploit?
yes it's using log4j 2.12.1 in \Program Files (x86)\Power Automate Desktop\java-support\PAD.JavaBridge.jar, log4j 2.12.1
I have found this file to be vulnerable as well:
C:\Program Files\WindowsApps\Microsoft.PowerAutomateDesktop_10.0.2290.0_x64__8wekyb3d8bbwe\java-support\PAD.JavaBridge.jar
C:\Program Files\WindowsApps\Microsoft.PowerAutomateDesktop_10.0.2290.0_x64__8wekyb3d8bbwe\java-support\PAD.JavaBridge.jar contains Log4J-2.x >= 2.10.0 _VULNERABLE
I have uninstalled Power Automate and the file remains
The first Microsoft-sponsored Power Platform Conference is coming in September. 100+ speakers, 150+ sessions, and what's new and next for Power Platform.
Learn to digitize and optimize business processes and connect all your applications to share data in real time.
User | Count |
---|---|
12 | |
9 | |
7 | |
7 | |
7 |
User | Count |
---|---|
19 | |
18 | |
17 | |
10 | |
7 |