NetGain Fix For Security Alert Advisory CVE-2021-4228 & CVE-2021-45046
December 15, 2021 NetGain Systems
In News

NetGain Fix For Security Alert Advisory   

CVE-2021-4228 & CVE-2021-45046

What is the Security Alert about?

The CVE (Common Vulnerabilities and Exposures) program this past weekend published a vulnerability in the Java logging library, Apache Log4j, that could allow attackers to gain full control of affected servers. Tracked as CVE-2021-44228, the vulnerability affects systems that use Apache Log4j versions 2.0 to 2.14.1.

It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This is tracked as CVE-2021-45046.

 

What should I do?

Customers with NetGain EM (Enterprise Manager), CV (Cloud Vista) or emedge v11 are advised to update to NetGain EM / CV / emedge v11.2.126. This will upgrade the Log4j library to version 2.16.0 which fixes this vulnerability.

Customers using an earlier version of NetGain EM / CV / emedge (before v11) are requested to contact us here.

More information on this Security Alert Advisory can be found here.

 

Comments (0)

Leave a reply