On December 9th, 2021, a vulnerability was disclosed in Apache Log4j2 with CVE-2021-44228. Conair is aware of this security issue, known as Log4Shell.
During further investigations, an issue was also discovered in the Log4j1.x. This vulnerability is tracked as CVE-2021-4104.
Conair is evaluating the impact for all potentially affected Conair products and has contacted all applicable control platform vendors.
Affected Products:
- No products of Conair have been identified as affected by CVE-2021-44228 (Log4Shell).
- No products of Conair have been identified as affected by CVE-2021-4104.
Conair and our vendors continue to monitor the situation and will update this notice if the status changes.
References