CVE-2026-40023 Apache Log4cxx Vulnerability in NetApp Products
Summary
Apache Log4cxx versions prior to 1.7.0 are susceptible to a vulnerability which when successfully exploited could lead to addition or modification of data. Successful exploitation of this vulnerability could lead to addition or modification of data. NetApp reports that one or more additional products remain under investigation; review the canonical advisory for current status. NetApp states there is no workaround available at this time.
- 1.7.0
Official advisory · high-confidence parse· fetched 3 hours ago·verify at source
Mitigation
The vendor states no workaround or mitigation is currently available. Prioritize upgrading to a fixed release, and follow the official advisory for interim guidance.
Official advisory · high-confidence parse· fetched 3 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.