Switch Automation and their product offerings are NOT affected by this cyber-threat.
On Friday (12-10-21) a new security Advisory was released for a program called Log4Shell.
NVD - CVE-2021-44228 (nist.gov)
Log4Shell is a vulnerability using the Log4J framework. Log4J is a widely used Java library for logging error messages in applications. It is used in enterprise software applications, including those custom applications developed in-house by businesses, and forms part of many cloud computing services.
This vulnerability allows any individual or program with network access to a device to cause an outbound request. This request can force the software to download malware, a root kit, or to send information and variables (like passwords, encryption keys, files, etc) outbound. This is going to be classified and described as one of the biggest vulnerability flaws and issues in technology.
Comments
0 comments
Article is closed for comments.