Qualys scan reported below High Security Vulnerabilities in our sonar system with below path.
We running sonar version 7.9.5.
Could you please provide a solution for fixing log4j vulnerability.
Hi @ndubbala ,
as you are running a SonarQube 7.9 version, which is not supported anymore, you should upgrade at your earliest convenience on a supported version : 8.9.6 LTS or 9.2.3 latest release.
See more here : SonarQube, SonarCloud, and the Log4J vulnerability