search cancel

Log4jShell (or LogJam) vulnerability CVE-2021-44228, is Messaging Gateway vulnerable?

book

Article ID: 230349

calendar_today

Updated On:

Products

Messaging Gateway

Issue/Introduction

It has been announced that a remotely exploitable 0-day vulnerability for the popular Java logging library Log4j has been discovered and that code to exploit this is in the public domain. If exploited, this enables execution of code and potentially full control of the target machine - scanning for vulnerable machines is now being reported.

Details of the CVE can be found here: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228

CVE-2021-44228

Log4j is used widely by many applications for logging and the vulnerability affects versions 2.0 to 2.14.1 of Log4j

Resolution

SMG is not affected by this vulnerability.

For the latest Broadcom Symantec product information regarding this vulnerability, please see the related Symantec Security Advisory