Is the recently identified log4j vulnerability issue is present in Helical Insight also

Hello Helical Team,

I am using Helical Insight enterprise version 4.1 GA. I would like to know whether it suffers from the log4j vulnerability issue. If yes how to fix it?

Thank You,

Hello Netta,

We are using log4j version 1.2.17. This specific version is not susceptible to the security vulnerability which has been recently identified.

You can refer to the below blog :


Meanwhile we are also working on testing the newer version of log4j with our product and would be updating soon.

Thank You,
Helical Insight.

This patch helps you to update the log4j 1.x to 2.16 version. This can be used on any version upto Helical Insight 4.1 GA.

Please follow the below steps after (3.4 MB)

  1. Go to your the location where you have installed Helical Insight “…hi\apache-tomcat-9\webapps\hi-ee\WEB-INF\lib” and search for below jar and delete these jar.


  2. Download this zip and add the following jar files from patch WEB-INF\lib to this location “…\hi\apache-tomcat-9\webapps\hi-ee\WEB-INF\lib


  3. Go to the location “…\hi\apache-tomcat-9\webapps\hi-ee\WEB-INF\classes” and paste the file from the patch into this location. This file is present in the folder “classes” in this patch.
    Edit this file on notepad++/text editor and change the property
    appender.file.filename to your helical insight log location and save it. Generally the helical insight log location is something like this “…\hi\hi-repository\System\Logs”, something like this can be given. Please note that full path has to be given. Like in my case I have put

appender.file.filename =C:\Program Files\Helical Insight\hi\hi-repository\System\Logs

Save the file.

  1. Delete the old file from “…hi\apache-tomcat-9\webapps\hi-ee\WEB-INF\classes
    only for the version above 2.x of helicalinsight

  2. Replace the “com” folder from classes in the patch to

  3. Once the changes are done, Restart the server