On December 9th, 2021, a vulnerability was disclosed in Apache Log4j2 with CVE-2021-44228. Conair is aware of this security issue, known as Log4Shell.

During further investigations, an issue was also discovered in the Log4j1.x. This vulnerability is tracked as CVE-2021-4104.

Conair is evaluating the impact for all potentially affected Conair products and has contacted all applicable control platform vendors.

 

Affected Products:

  • No products of Conair have been identified as affected by CVE-2021-44228 (Log4Shell).
  • No products of Conair have been identified as affected by CVE-2021-4104.

 

Conair and our vendors continue to monitor the situation and will update this notice if the status changes.

 

References