Technical Bulletin: Apache Software Log4j – Security Vulnerability CVE-2021-44228
Release Date: December 14, 2021
NOTICE: The information in this document, including products and software versions, is current as of the Release Date. This document is subject to change without notice.
Top Gun Technology (TGT) Impact Analysis of Internal Systems and Service Platforms
TGT has conducted a vulnerability review and has not identified any impacts to TGT internal systems or service platforms.
On December 10th the National Vulnerability Database released alert CVE-2021-44228 relating to Apache Log4j2 vulnerability. https://nvd.nist.gov/vuln/detail/CVE-2021-44228. Log4j is a commonly used logging library made by the Apache Software Foundation. Information can be found at https://logging.apache.org/log4j/2.x/security.html
TGT recommends that clients review their products and check for vulnerable versions of Apache Log4j in their environments and applications and apply fixes as recommended by the OEM.
12/14/2021: The following matrix can provide further information on the impact to specific OEM Products.
Top Gun Technology, Inc shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided “as is” without warranty of any kind. To the extent permitted by law, neither TGT nor its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice.