An Update on the Apache Log4j CVE-2021-44228 Vulnerability

Trinisys is actively responding to the reported remote code execution vulnerability in the Apache Log4j 2 Java library dubbed Log4Shell (or LogJam).  We are investigating and taking action for Trinisys products and services that may be potentially impacted.

We are updating products where necessary to Log4j version 2.15, which fixes the vulnerability, and applying mitigations in the interim, even in cases where additional control layers such as network controls and application firewalls and controls have prevented the exploitation of this vulnerability.

Reference material can be found at the Apache.orgLog4j Security Vulnerability page.

As additional updates become available, information will be updated in the online product documentation here.