Product Security NetRise not impacted by Log4j vulnerability

Vulnerability impacting Apache Log4j versions 2.0 to 2.14.1 disclosed on December 9, 2021, designated as CVE-2021-44228 with the highest severity rating

Thomas Pace

A newly revealed vulnerability impacting Apache Log4j 2 versions 2.0 to 2.14.1 was disclosed on the project’s GitHub on December 9, 2021, and designated as CVE-2021-44228 with the highest severity rating of 10. The flaw has been dubbed Log4Shell.

Log4j 2 is an open-source Java logging library that is widely used in a range of software applications and services around the world. The vulnerability can allow threat actors the opportunity to take control of any Java-based, internet-facing server and engage in Remote Code Execution (RCE) attacks. 

NetRise is aware of the Log4j vulnerability and has completed verification that this issue does not affect NetRise products or services. NetRise has patched Log4j and also removed JndiLookup and set log4j2.FormatMsgNoLookups to True.
Thomas Pace

Written By: Thomas Pace

Prior to founding NetRise, Thomas spent 16 years working in security across multiple roles and disciplines. From serving in the United States Marine Corps, being responsible for ICS security within the Department of Energy and most recently serving as Global Vice President for Cylance, Thomas has been a proven leader and innovator within cybersecurity. Thomas has also responded to hundreds of security incidents globally and shared his experience at multiple security conferences such as RSA and Black Hat.

Stay Up to Date with NetRise

Sign Up To Get Recent News and Our Product Updates Delivered To Your Inbox