Keep up to date with Log4j

Esri has released patches for the Log4j vulnerability for the following components:

Portal for ArcGIS 10.610.
ArcGIS Server 10.6,, 10.910.9.1
ArcGIS Data Store
ArcGIS GeoEvent Server 10.6, 10.6.1, 10.7.1, 10.8.1, 10.9, 10.9.1

Although there is no known exploit identified with ArcGIS products, it is highly recommended to apply Esri's Log4Shell scripts to all installations of ArcGIS Enterprise and ArcGIS Server of any version of the software. Please check back often as frequently asked questions will be updated based on customer feedback. 

Recommended scripts can be downloaded for:

ArcGIS Server
Portal for ArcGIS
ArcGIS Data Store
ArcGIS GeoEvent Server
ArcGIS Workflow Manager Server
ArcGIS GeoEnrichment Server

Frequently asked questions

Applying the mitigation scripts in ArcGIS Enterprise and a standalone ArcGIS Server component

If you have any questions or concerns, please call 1800 870 750 or log a support ticket via

Subscribe to
Esri Australia news