Informational Advisory Regarding Apache Log4j2 Issue (CVE-2021-44228)

IpTL products and services are NOT IMPACTED by the Log4j2 CVE-2021-44228 Vulnerability

IPTL Security Response Advisory Notice: ISR-2021121201

OVERVIEW

IpTL Product/Appliance	Status	Description
FastLane™ appliances including virtual machines	Not impacted	Log4j2 not used.
IpTL CloudJoin™, egress, and data-switching services	Not impacted	Log4j2 not used.
IpTL SupportServer™ portals	Not impacted	Log4j2 not used.
Internal IpTL servers	Not impacted	Log4j2 not used.

SUMMARY

The Apache Software Foundation has released a security advisory to address a remote code execution vulnerability (CVE-2021-44228) affecting Log4j versions 2.0-beta9 to 2.14.1. A remote attacker could exploit this vulnerability to take control of an affected system. Log4j is an open-source, Java-based logging utility widely used by enterprise applications and cloud services.

AFFECTED PRODUCTS & SERVICES

none.

WORKAROUND & MITIGATION

none.

FIRMWARE UPDATES & FIXES

none.

COMMENTS

none.

PAGE REVISION

Revision	Date	Comment	Authority
R1	2021-12-12	Creation	IpTL Security Response (ISR)

REFERENCES

https://nvd.nist.gov/vuln/detail/CVE-2021-44228

https://logging.apache.org/log4j/2.x/security.html

Informational Advisory Regarding Apache Log4j2 Issue (CVE-2021-44228)

IpTL products and services are NOT IMPACTED by the Log4j2 CVE-2021-44228 Vulnerability

IPTL Security Response Advisory Notice: ISR-2021121201

What We Do

About Us

Support

Contacts

IP Technology Labs