{"id":28339,"date":"2021-12-14T20:18:07","date_gmt":"2021-12-14T19:18:07","guid":{"rendered":"https:\/\/www.mvc.de\/log4j-security-vulnerability\/"},"modified":"2021-12-14T20:18:08","modified_gmt":"2021-12-14T19:18:08","slug":"log4j-security-vulnerability","status":"publish","type":"post","link":"https:\/\/www.mvc.de\/en\/log4j-security-vulnerability\/","title":{"rendered":"log4j security vulnerability"},"content":{"rendered":"<div  style='padding-bottom:10px; ' class='av-special-heading av-special-heading-h1    avia-builder-el-0  el_before_av_slideshow  avia-builder-el-first  '><h1 class='av-special-heading-tag '  itemprop=\"headline\"  >log4j vulnerability &#8211; information about affected products from our vendors<\/h1><div class='special-heading-border'><div class='special-heading-inner-border' ><\/div><\/div><\/div>\n<div   data-size='featured'  data-lightbox_size='large'  data-animation='slide'  data-conditional_play=''  data-ids='28331'  data-video_counter='0'  data-autoplay='false'  data-bg_slider='false'  data-slide_height=''  data-handle='av_slideshow'  data-interval='5'  data-class=' avia-builder-el-1  el_after_av_heading  el_before_av_textblock  '  data-el_id=''  data-css_id=''  data-scroll_down=''  data-control_layout='av-control-default'  data-custom_markup=''  data-perma_caption=''  data-autoplay_stopper=''  data-image_attachment=''  data-min_height='0px'  data-lazy_loading='disabled'  data-default-height='28.666666666667'  class='avia-slideshow avia-slideshow-1  av-control-default av-default-height-applied avia-slideshow-featured av_slideshow  avia-builder-el-1  el_after_av_heading  el_before_av_textblock   avia-slide-slider '  itemprop=\"image\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/ImageObject\" ><ul class='avia-slideshow-inner ' style='padding-bottom: 28.666666666667%;' ><li  class=' av-single-slide slide-1 ' ><div data-rel='slideshow-1' class='avia-slide-wrap '   ><img fetchpriority=\"high\" fetchpriority=\"high\" decoding=\"async\" class=\"wp-image-28332 avia-img-lazy-loading-not-28332\"  src=\"https:\/\/www.mvc.de\/wp-content\/uploads\/2021\/12\/bigstock-Computer-Hacked-System-Error-431586776-1500x430.jpg\" width=\"1500\" height=\"430\" title='Computer Hacked, System Error, Virus, Cyber attack, Malware Conc' alt='log4j Sicherheitsl\u00fccke'  itemprop=\"thumbnailUrl\"   \/><\/div><\/li><\/ul><\/div>\n<section class=\"av_textblock_section \"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock  '   itemprop=\"text\" ><p>Attackers can execute arbitrary code via a critical zero-day vulnerability called Log4Shell in the widely used Java logging library Log4j. The German Federal Office for Information Security (BSI) rates the risk posed by the vulnerability on the so-called CVSS scale at 10, the highest possible value.<\/p>\n<p>Therefore, we would like to provide you with the necessary information about affected products below.<\/p>\n<p>Translated with www.DeepL.com\/Translator (free version)<\/p>\n<\/div><\/section>\n<div class=\"flex_column av_one_full  flex_column_div first  avia-builder-el-3  el_after_av_textblock  el_before_av_textblock  column-top-margin\" style='background: #5a99c7; padding:20px; background-color:#5a99c7; border-radius:0px; '><section class=\"av_textblock_section \"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock  av_inherit_color '  style='color:#ffffff; '  itemprop=\"text\" ><h2>The following products are currently certainly affected:<\/h2>\n<p>Poly &#8211; <a href=\"https:\/\/support.polycom.com\/content\/support\/security-center.html\">https:\/\/support.polycom.com\/content\/support\/security-center.html<\/a> (PLYGN21-08)<\/p>\n<ul>\n<li>DMA Edge<\/li>\n<li>DMA Core<\/li>\n<li>and maybe RPAD<\/li>\n<\/ul>\n<p><strong>Cisco &#8211;\u00a0<a href=\"https:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-apache-log4j-qRuKNEbd\">https:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-apache-log4j-qRuKNEbd<\/a><\/strong><\/p>\n<ul>\n<li>CUCM ( Version11.5(1)SU7 \u2013 11.5(1)SU10 )<\/li>\n<li>CUPS ( Version 11.5(1)SU7 \u2013 11.5(1)SU10 )<\/li>\n<li>Unity Connection ( Version 11.5(1)SU7 \u2013 11.5(1)SU10 )<\/li>\n<li>Contact Center<\/li>\n<li>SIP Proxy<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<\/div><\/section><\/div>\n<section class=\"av_textblock_section \"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock  '   itemprop=\"text\" ><h2>According to current knowledge, the following products are not affected by the vulnerability:<\/h2>\n<p><strong>Pexip &#8211; https:\/\/www.pexip.com\/blog1.0\/pexip-statement-on-log4j-vulnerability<\/strong><br \/>\nInfinity Plattform<\/p>\n<p><strong>Logitech<\/strong><br \/>\nMTR System<\/p>\n<p><strong>Crestron<br \/>\n<\/strong>MTR System<\/p>\n<p><strong>Cisco<\/strong><\/p>\n<ul>\n<li>VCS \/ Expressway<\/li>\n<li>CMS<\/li>\n<li>Video endpoints<\/li>\n<li>TMS<\/li>\n<\/ul>\n<p><strong>Poly &#8211; <a href=\"https:\/\/support.polycom.com\/content\/support\/security-center.html\">https:\/\/support.polycom.com\/content\/support\/security-center.html<\/a> (PLYGN21-08)<\/strong><br \/>\nVideo endpoints of X- and G7500 series<\/p>\n<p>As of now, no manufacturer offers patched software or workarounds. It must be assumed that devices that can be reached from the Internet have already been compromised.<\/p>\n<p>We recommend that devices directly accessible from the Internet are isolated by firewalls or shut down until patches are available. Before doing so, you should create a backup of the configuration.<\/p>\n<p>If you need our assistance in assessing the situation or have any queries, please feel free to contact us at <a href=\"support@mvc.de\">support@mvc.de.<\/a><\/p>\n<p>Please note that in this article we will only discuss the products we sell and operate and not the full range of products offered by the manufacturers.<\/p>\n<p>&nbsp;<\/p>\n<\/div><\/section>\n","protected":false},"excerpt":{"rendered":"","protected":false},"author":26,"featured_media":28332,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[196,177,256],"tags":[258,257,259],"class_list":["post-28339","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-knowledge","category-mvc-news-en","category-partner-news-en","tag-log4j-security-vulnerability","tag-security-vulnerability","tag-the-federal-office-for-information-security"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v25.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>log4j security vulnerability - MVC Mobile VideoCommunication GmbH<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.mvc.de\/en\/log4j-security-vulnerability\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"log4j security vulnerability - MVC Mobile VideoCommunication GmbH\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.mvc.de\/en\/log4j-security-vulnerability\/\" \/>\n<meta property=\"og:site_name\" content=\"MVC Mobile VideoCommunication GmbH\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/MVC.VideoCommunication\/\" \/>\n<meta property=\"article:published_time\" content=\"2021-12-14T19:18:07+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-12-14T19:18:08+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.mvc.de\/wp-content\/uploads\/2021\/12\/bigstock-Computer-Hacked-System-Error-431586776-scaled.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"2560\" \/>\n\t<meta property=\"og:image:height\" content=\"1440\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Irene\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@mvc_video\" \/>\n<meta name=\"twitter:site\" content=\"@mvc_video\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Irene\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"log4j security vulnerability - MVC Mobile VideoCommunication GmbH","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.mvc.de\/en\/log4j-security-vulnerability\/","og_locale":"en_US","og_type":"article","og_title":"log4j security vulnerability - MVC Mobile VideoCommunication GmbH","og_url":"https:\/\/www.mvc.de\/en\/log4j-security-vulnerability\/","og_site_name":"MVC Mobile VideoCommunication GmbH","article_publisher":"https:\/\/www.facebook.com\/MVC.VideoCommunication\/","article_published_time":"2021-12-14T19:18:07+00:00","article_modified_time":"2021-12-14T19:18:08+00:00","og_image":[{"width":2560,"height":1440,"url":"https:\/\/www.mvc.de\/wp-content\/uploads\/2021\/12\/bigstock-Computer-Hacked-System-Error-431586776-scaled.jpg","type":"image\/jpeg"}],"author":"Irene","twitter_card":"summary_large_image","twitter_creator":"@mvc_video","twitter_site":"@mvc_video","twitter_misc":{"Written by":"Irene","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.mvc.de\/en\/log4j-security-vulnerability\/#article","isPartOf":{"@id":"https:\/\/www.mvc.de\/en\/log4j-security-vulnerability\/"},"author":{"name":"Irene","@id":"https:\/\/www.mvc.de\/en\/#\/schema\/person\/c537be11fe998a559dbfe5fbc8e7faa0"},"headline":"log4j security vulnerability","datePublished":"2021-12-14T19:18:07+00:00","dateModified":"2021-12-14T19:18:08+00:00","mainEntityOfPage":{"@id":"https:\/\/www.mvc.de\/en\/log4j-security-vulnerability\/"},"wordCount":561,"publisher":{"@id":"https:\/\/www.mvc.de\/en\/#organization"},"image":{"@id":"https:\/\/www.mvc.de\/en\/log4j-security-vulnerability\/#primaryimage"},"thumbnailUrl":"https:\/\/www.mvc.de\/wp-content\/uploads\/2021\/12\/bigstock-Computer-Hacked-System-Error-431586776-scaled.jpg","keywords":["log4j security vulnerability","security vulnerability","The Federal Office for Information Security"],"articleSection":["Knowledge","MVC news","partner news"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.mvc.de\/en\/log4j-security-vulnerability\/","url":"https:\/\/www.mvc.de\/en\/log4j-security-vulnerability\/","name":"log4j security vulnerability - MVC Mobile VideoCommunication GmbH","isPartOf":{"@id":"https:\/\/www.mvc.de\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.mvc.de\/en\/log4j-security-vulnerability\/#primaryimage"},"image":{"@id":"https:\/\/www.mvc.de\/en\/log4j-security-vulnerability\/#primaryimage"},"thumbnailUrl":"https:\/\/www.mvc.de\/wp-content\/uploads\/2021\/12\/bigstock-Computer-Hacked-System-Error-431586776-scaled.jpg","datePublished":"2021-12-14T19:18:07+00:00","dateModified":"2021-12-14T19:18:08+00:00","breadcrumb":{"@id":"https:\/\/www.mvc.de\/en\/log4j-security-vulnerability\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.mvc.de\/en\/log4j-security-vulnerability\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.mvc.de\/en\/log4j-security-vulnerability\/#primaryimage","url":"https:\/\/www.mvc.de\/wp-content\/uploads\/2021\/12\/bigstock-Computer-Hacked-System-Error-431586776-scaled.jpg","contentUrl":"https:\/\/www.mvc.de\/wp-content\/uploads\/2021\/12\/bigstock-Computer-Hacked-System-Error-431586776-scaled.jpg","width":2560,"height":1440,"caption":"Computer Hacked, System Error, Virus, Cyber attack, Malware Concept. Danger Symbol. 3d rendering."},{"@type":"BreadcrumbList","@id":"https:\/\/www.mvc.de\/en\/log4j-security-vulnerability\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Startseite","item":"https:\/\/www.mvc.de\/en\/"},{"@type":"ListItem","position":2,"name":"log4j security vulnerability"}]},{"@type":"WebSite","@id":"https:\/\/www.mvc.de\/en\/#website","url":"https:\/\/www.mvc.de\/en\/","name":"MVC Mobile VideoCommunication GmbH","description":"Komplettanbieter von UCC-L\u00f6sungen","publisher":{"@id":"https:\/\/www.mvc.de\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.mvc.de\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.mvc.de\/en\/#organization","name":"MVC Mobile VideoCommunication GmbH","url":"https:\/\/www.mvc.de\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.mvc.de\/en\/#\/schema\/logo\/image\/","url":"https:\/\/www.mvc.de\/wp-content\/uploads\/2018\/08\/mvc_logo_rgb_blue-e1534945352748.png","contentUrl":"https:\/\/www.mvc.de\/wp-content\/uploads\/2018\/08\/mvc_logo_rgb_blue-e1534945352748.png","width":92,"height":31,"caption":"MVC Mobile VideoCommunication GmbH"},"image":{"@id":"https:\/\/www.mvc.de\/en\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/MVC.VideoCommunication\/","https:\/\/x.com\/mvc_video","https:\/\/www.instagram.com\/mvc_mobilevideocommunication\/","https:\/\/de.linkedin.com\/company\/mvc-mobile-videocommunication-gmbh","https:\/\/www.youtube.com\/user\/Videokonferenzen"]},{"@type":"Person","@id":"https:\/\/www.mvc.de\/en\/#\/schema\/person\/c537be11fe998a559dbfe5fbc8e7faa0","name":"Irene","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.mvc.de\/en\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/7ae4ad1e0ecb4c993d9cc325e65edf18706bb1b1d20637ad0f3736a88bb53d24?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/7ae4ad1e0ecb4c993d9cc325e65edf18706bb1b1d20637ad0f3736a88bb53d24?s=96&d=mm&r=g","caption":"Irene"}}]}},"_links":{"self":[{"href":"https:\/\/www.mvc.de\/en\/wp-json\/wp\/v2\/posts\/28339","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.mvc.de\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.mvc.de\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.mvc.de\/en\/wp-json\/wp\/v2\/users\/26"}],"replies":[{"embeddable":true,"href":"https:\/\/www.mvc.de\/en\/wp-json\/wp\/v2\/comments?post=28339"}],"version-history":[{"count":2,"href":"https:\/\/www.mvc.de\/en\/wp-json\/wp\/v2\/posts\/28339\/revisions"}],"predecessor-version":[{"id":28341,"href":"https:\/\/www.mvc.de\/en\/wp-json\/wp\/v2\/posts\/28339\/revisions\/28341"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.mvc.de\/en\/wp-json\/wp\/v2\/media\/28332"}],"wp:attachment":[{"href":"https:\/\/www.mvc.de\/en\/wp-json\/wp\/v2\/media?parent=28339"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.mvc.de\/en\/wp-json\/wp\/v2\/categories?post=28339"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.mvc.de\/en\/wp-json\/wp\/v2\/tags?post=28339"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}