Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 7 Next »

KB ID: 10061

Product: vProtect

Version: 4.2.0-4.3.0

Published: 2021-12-14

Last modified: 2021-12-14

Problem

There’s a known bug in the Apache Log4j2 library that allows an attacker to perform RCE attack CVE-2021-44228, and another bug allowing to perform DoS attack CVE-2021-45046.

Solution

To patch the vulnerabilities in CVE-2021-44228 and CVE-2021-45046 please update vprotect to the following versions:

vProtect version 4.3.0

  • server: 4.3.0-45

  • node: 4.3.0-44

vProtect version 4.2.0

  • server: 4.2.0-41

  • node: 4.2.0-29

Instructions on how to upgrade the vProtect are available in the Documentation

  • No labels