Informational Advisory Regarding Apache Log4j2 Issue (CVE-2021-44228)

IpTL products and services are NOT IMPACTED by the Log4j2 CVE-2021-44228 Vulnerability 

IPTL Security Response Advisory Notice: ISR-2021121201

OVERVIEW

IpTL Product/Appliance Status Description
FastLane™ appliances including virtual machines Not impacted Log4j2 not used.
IpTL CloudJoin™, egress, and data-switching services Not impacted Log4j2 not used.
IpTL SupportServer™ portals Not impacted Log4j2 not used.
Internal IpTL servers Not impacted Log4j2 not used.

 

SUMMARY

The Apache Software Foundation has released a security advisory to address a remote code execution vulnerability (CVE-2021-44228) affecting Log4j versions 2.0-beta9 to 2.14.1. A remote attacker could exploit this vulnerability to take control of an affected system. Log4j is an open-source, Java-based logging utility widely used by enterprise applications and cloud services.


 

AFFECTED PRODUCTS & SERVICES

none.


WORKAROUND & MITIGATION

none.


FIRMWARE UPDATES & FIXES

none.


COMMENTS

none.


PAGE REVISION

Revision Date Comment Authority
R1 2021-12-12 Creation IpTL Security Response (ISR)

REFERENCES

https://nvd.nist.gov/vuln/detail/CVE-2021-44228

https://logging.apache.org/log4j/2.x/security.html

Menu

IP Technology Labs