Skip to main content

It seems there is also vulnerability in 2.17.0, is there already testing or recommendation on moving to the 2.17.1 version?

Hi @salsarocks ,

Thanks for your post.

NetBrain IE is not affected by CVE-2021-44832.  NBIE does not use JDBC with log4j2, and the logging configuration file is only accessible to the system administrator of the servers that are running NBIE.

There is no current plan to patch previously released versions(2.17.0); however, NBIE will upgrade the log4j2 library to the recommended version (2.17.1) in the upcoming 10.1 release.

Hello, 

To confirm does that mean if we running Integrated Version 8.03 we would have to upgrade to version first?

@afressy  Please see the instruction and patches to fix the issue: https://community.netbraintech.com/articles/SecurityAdvisories/NBSA-2021-10-002-Official-fix-for-13-12-2021

Reply


Terms & ConditionsCookie settings
Community |  Ideas

Facebook |  Instagram |  Youtube |  Twitter |  LinkedIn
Privacy & Security Statement  |  Terms & Conditions |  Impressum  |  UK Modern Slavery Statement
Copyright © 2021 by NetBrain Technologies Inc. - All rights reserved.