IceWarp log4j / log4shell
CVE-2021-44228
Can anyone tell if IceWarp is also affected by the log4j zero-day exploit?
I saw in another forum entry that this is present there, at least log-wise:
change /etc/onlyoffice/documentserver/log4js/production.json from "WARN" to "DEBUG" mode
-
Hello
I want to confirm that IceWarp is not affected by the log4j vulnerability in any way.
Please find our official statement here.
-
Unfortunately, if you are using one of the products affected by the log4j zero-day exploit, most of the security fixes fall in the hands of companies and products that use Log4j. At the moment, their security teams need to identify devices that run Log4j and update them to Log4j-2.16 or a later version.
Please sign in to leave a comment.
Comments
2 comments