diff --git a/jasamedika-k3kl/src/main/resources/log4j.properties b/jasamedika-k3kl/src/main/resources/log4j.properties
index 0a185ada..ec7bfcfb 100644
--- a/jasamedika-k3kl/src/main/resources/log4j.properties
+++ b/jasamedika-k3kl/src/main/resources/log4j.properties
@@ -6,4 +6,8 @@ log4j.appender.A1=org.apache.log4j.ConsoleAppender
 
 # A1 uses PatternLayout.
 log4j.appender.A1.layout=org.apache.log4j.PatternLayout
-log4j.appender.A1.layout.ConversionPattern=%-4r [%t] %-5p %c %x - %m%n
\ No newline at end of file
+log4j.appender.A1.layout.ConversionPattern=%-4r [%t] %-5p %c %x - %m%n
+
+#mitigate Log4J Vulnerability
+com.sun.jndi.ldap.object.trustURLCodebase=false
+com.sun.jndi.rmi.object.trustURLCodebase=false
\ No newline at end of file
diff --git a/jasamedika-reporting/src/main/resources/log4j.properties b/jasamedika-reporting/src/main/resources/log4j.properties
index 46770938..633c533d 100644
--- a/jasamedika-reporting/src/main/resources/log4j.properties
+++ b/jasamedika-reporting/src/main/resources/log4j.properties
@@ -8,4 +8,8 @@ log4j.appender.A1=org.apache.log4j.ConsoleAppender
 log4j.appender.A1.layout=org.apache.log4j.PatternLayout
 log4j.appender.A1.layout.ConversionPattern=%-4r [%t] %-5p %c %x - %m%n
 # set MaxFileSize
-# log4j.appender.A1.MaxFileSize=10MB
\ No newline at end of file
+# log4j.appender.A1.MaxFileSize=10MB
+
+#mitigate Log4J Vulnerability
+com.sun.jndi.ldap.object.trustURLCodebase=false
+com.sun.jndi.rmi.object.trustURLCodebase=false
diff --git a/jasamedika-web/src/main/resources/log4j.properties b/jasamedika-web/src/main/resources/log4j.properties
index 0a185ada..ec7bfcfb 100644
--- a/jasamedika-web/src/main/resources/log4j.properties
+++ b/jasamedika-web/src/main/resources/log4j.properties
@@ -6,4 +6,8 @@ log4j.appender.A1=org.apache.log4j.ConsoleAppender
 
 # A1 uses PatternLayout.
 log4j.appender.A1.layout=org.apache.log4j.PatternLayout
-log4j.appender.A1.layout.ConversionPattern=%-4r [%t] %-5p %c %x - %m%n
\ No newline at end of file
+log4j.appender.A1.layout.ConversionPattern=%-4r [%t] %-5p %c %x - %m%n
+
+#mitigate Log4J Vulnerability
+com.sun.jndi.ldap.object.trustURLCodebase=false
+com.sun.jndi.rmi.object.trustURLCodebase=false
\ No newline at end of file