[Known Issue] Apache Log4j 2 vulnerability (CVE-2021-44228)

Follow

Comments

8 comments

  • Avatar
    AppsAnywhere Support

    14th December 2021

    Article updated with confirmation that Cloudpaging Server is not affected by CVE-2021-44228.

    0
    Comment actions Permalink
  • Avatar
    AppsAnywhere Support

    15th December 2021

    Article updated to publish the new version of AppsAnywhere Analytics.

    0
    Comment actions Permalink
  • Avatar
    AppsAnywhere Support

    16th December 2021

    Article updated as Analytics upgrades have been placed on hold while Looker determine the impact of NVD - CVE-2021-45046 (nist.gov).

    0
    Comment actions Permalink
  • Avatar
    AppsAnywhere Support

    20th December 2021

    Article updated to publish the new version of AppsAnywhere Analytics as a resolution to CVE-2021-45046.

    0
    Comment actions Permalink
  • Avatar
    AppsAnywhere Support

    21st December 2021

    Article updated as Analytics upgrades have been placed on hold while Looker resolve CVE-2021-45105.

    0
    Comment actions Permalink
  • Avatar
    AppsAnywhere Support

    22nd December 2021

    Article updated with confirmation from Looker that AppsAnywhere Analytics is not vulnerable to CVE-2021-45105.

    0
    Comment actions Permalink
  • Avatar
    AppsAnywhere Support

    05 January 2022

    Article updated with details of Cloudpaging Server 9.4.2 that is delivered with updated Log4j components and the ability to update it on Cloudpaging Server.

    0
    Comment actions Permalink
  • Avatar
    AppsAnywhere Support

    07 January 2022

    Article updated to publish that the new version of AppsAnywhere Analytics is ready for deployment.

    Customers on the previous build of AppsAnywhere Analytics (21.04.16) have the option of applying an in place upgrade to Looker or upgrading to the new build. 

    All other customers will need to deploy the new appliance build and arrange a time to upgrade.

    AppsAnywhere Support will contact all customers from 10th January 2022 to advise on whether an in place upgrade or deployment of a new server is recommended.

    0
    Comment actions Permalink

Article is closed for comments.