Log4j zero-day vulnerabilities (CVE-2021-44228, CVE-2021-45046, CVE-2021-45105)

Notice regarding the Apache Log4j zero-day vulnerability (CVE-2021-44228):

All previous Chronicall, Avaya Call Reporting, and Xima CCaaS releases used Log4j 1 series versions without the JMS Appender class and were therefore not susceptible to this specific attack. 

  • Regardless, Xima Software has updated to the latest Log4j patched version.
    • Version 4.4(0ah) and beyond now use log4j version 2.17.1.
Was this article helpful?
19 out of 23 found this helpful

Table of Contents

    Environment

    Operating System

    PBX System

    Chronicall Version