Apache Log4j Zero-Day Vulnerability
AKA – Log4Shell (CVE-2021-44228)
Overview
A severe remote code vulnerability was discovered in Apache’s Log4j logging system. Log4j is used by many Java-based applications and services. The zero-day vulnerability affects software using this logging library and allows unauthenticated remote code execution. It enables attackers to gain full control of affected servers and/or users.
CVE-2021-44228 is classified as a severe vulnerability.
Impact on OVD Enterprise
Inuvika has completed an investigation to determine whether OVD Enterprise or any other Inuvika-developed components are impacted.
At this point, Inuvika has not identified vulnerabilities that impact our products or services. We will continue to monitor the situation carefully. In the event that the situation changes, we will notify customers by email and post updates on the Inuvika Support Webpage.
For More Information
Inuvika customers who use Stratodesk NoTouch endpoint devices should refer to Stratodesk’s advisory: The log4shell vulnerability – What to know – Stratodesk NoTouch
If you have additional questions related to Inuvika and CVE-2021-44228, please email [email protected]
Legal Disclaimer
All data and information provided in this advisory are provided for informational purposes only and are provided “as is” without any warranties or guarantees, express or implied, including without limitation, any warranties or guarantees relating to the accuracy or reliability of the contents of the information. In no event shall Inuvika and/or its subsidiaries and affiliates be liable to any party for any direct, indirect, special, punitive, consequential, or incidental damages in connection with any reliance on or use of the information, including without limitation, loss of business revenue or earnings, lost data, damages caused by delays, lost profits or a failure to realize expected savings or revenues, even if Inuvika was expressly advised of the possibility of such damages.