XPLG Security Update
After an extensive security audit of the entire XPLG environment, we have found that none of the XPLG product suite systems contain the software identified in the vulnerability disclosure. XPLG is using Log4J in several of its services, however none in the versions range exposed to the critical vulnerability (CVE-2021-44228).
Although this vulnerability does not compromise XPLG users, we are always committed to keeping our products' security up to date with the latest secured libraries.
XPLG has released a security update that replaces all Log4J libraries to the latest Log4J version 2.16.0 (confirmed to be secured by Apache).
Additional information and detailed update procedure:
https://wiki.xpolog.com/display/XPOL/7.8067+(Log4J)+-+Release+Notes
XPLG Team
Comments