Technical Portal - Manuals, Datasheets, Firmware and more
Wednesday, 15 December 2021
Late last month, a major security vulnerability was discovered in the widely used logging library Log4j. The vulnerability allows a malicious third party to execute arbitrary code on a vulnerable system and potentially take full control of the system.
This library is developed and maintained by Apache, and they have already released a patch to resolve this issue on affected systems. Apache have announced that upgrading Log4j to this latest patch will remove this vulnerability.
Please find official information released by Apache here: https://logging.apache.org/log4j/2.x/security.html
None of Inner Range’s products utilize Log4j in any form. All three of our Security and Access Control Systems (Integriti, Inception and Insight), our cloud platforms (SkyTunnel, Skycommand, Keypoint and Multipath), and our alarm reporting devices (T4000) use internally developed logging code that caters to the requirements of our systems and are not affected by this vulnerability.
Whilst Inner Range’s suite of products are not affected by the vulnerability, our statement does not cover various systems that our products are integrated with due to possible vulnerabilities in the 3rd party products. This includes applications that utilize our REST API, DUIM, and Review IO functions. Customers seeking clarification on these should direct their enquiries to the vendors of those 3rd party products.
If you have any questions about how Inner Range can make your life easier and more secure with state-of-the-art technology, please contact us to discuss your specific requirements.
Open: 8:30am to 5:00pm Monday to Friday
1 Millennium Court, Knoxfield, Victoria, 3180, Australia
+61 3 9780 4300
Categories: NewsNumber of views: 746