Loading
search-img
Title
CVE-2021-44228: Log4j vulnerability impact on FlexNet Embedded

Summary

A vulnerability identified as CVE-2021-44228 has been reported in the Apache Log4j library. This vulnerability may allow for remote code execution in susceptible products.

Problem Description

Upon analysis, CVE-2021-44228 has been determined to impact the optional FlexNet License Server Manager (FLSM) component packaged with the FlexNet Embedded local license server.

Resolution

Revenera has provided a FlexNet Embedded 2021.12 local license server that does not contain the FlexNet License Server Manager component. This updated package is available for download on the Product and License Center.

Note: You must have permission to access the Product and License Center. This would be granted to you by either Revenera or by your company's administrator.

A separate FlexNet License Server Manager (FLSM) package that does not use the vulnerable Log4j component is available for download from the Product and License Center. The package files are:

For WindowsFor Linux
flexnet-flsm-windows-2021.12.2.zipflexnet-flsm-linux-2021.12.2.tar.gz

Workaround

We advise customers to temporarily cease using the FlexNet License Server Manager until the new package is available. However, customers who wish to continue using the FlexNet License Server Manager may mitigate risk by including Dlog4j2.formatMsgNoLookups=true to JAVA_OPTS environment variable in Tomcat CATALINA_HOME/bin directory:

Operating SystemDirections
Windows

Edit setenv.bat and append "-Dlog4j2.formatMsgNoLookups=true" if exists.

If it doesn't exist, create new file and add set JAVA_OPTS="-Dlog4j2.formatMsgNoLookups=true"

Linux

Edit setenv.sh in CATALINA_HOME/bin and append "-Dlog4j2.formatMsgNoLookups=true" if exists

If this doesn't exist, create a new file and add export JAVA_OPTS="-Dlog4j2.formatMsgNoLookups=true"

Additional Information

Was this helpful?
Support Hub
Product
FlexNet Embedded
Visibility
Guest
URL Name
cve-2021-44228-log4j-vulnerability-impact-on-flexnet-embedded

Related Articles

Create a case with Support
0/255
Upload Attachment
File Upload
Maximum file size allowed is 3 MB.
File type not supported.
Supported file types:
Documents (.txt, .doc, .docx, .pdf), Images (.jpg, .png), Comma Separated Files (.csv) Speadsheets (.xlsx, .xls)

Are you sure you want to cancel the case creation?

Are you sure you want to close this case

Get Hotline support
Products Region Phone Numbers
FlexNet Operations
FlexNet Embedded
FlexNet Publisher
FlexNet Connect
FlexNet Code Insight
InstallAnywhere
InstallShield 		North America  * +1 630-332-2513 (toll)
+1 877-279-2853 (toll-free in North America)
Europe  * +44 1925 944367 (toll)
+44 800 047 8642 (toll-free in Europe)
Japan  * +81 3-4540-5335 (select option 2)
Australia  * +61 3 9895 2177
+61 1800 560 603 (toll-free in Australia)
Usage Intelligence (formerly Revulytics)
Compliance Intelligence 		Please use the Case Portal to submit your support ticket or reach out to your Revenera contact.
Book an Appointment
File Upload
Maximum file size allowed is 3 MB.
File type not supported.
Supported file types:
Documents (.txt, .doc, .docx, .pdf), Images (.jpg, .png), Comma Separated Files (.csv) Speadsheets (.xlsx, .xls)
+1.800.374.4353
CONTACT US REVENERA.COM FLEXERA.com
© 2026 Flexera Software. All Rights Reserved.
Privacy policy Terms and conditions Flexera Community Contact Us
Loading
CVE-2021-44228: Log4j vulnerability impact on FlexNet Embedded