Apache Log4j vulnerability

Apache Log4j vulnerability

As many people are aware, a vulnerability was found in Log4j, a 3rd party library that is commonly used in Java-based applications (CVE-2021-44228).

While this vulnerability does not affect any of the Art of WiFi solutions (software and services), it does affect all UniFi Controller/Network Application versions before version 6.5.54. We therefore highly recommend all our customers upgrade to 6.5.54 as soon as possible. When in doubt whether the Art of WiFi solution you’re using will work with that new UniFi Controller/Network Application release, please reach out to us at support@artofwifi.net.

External links

UniFi Controller/Network Application version 6.5.54:
https://community.ui.com/releases/UniFi-Network-Application-6-5-54/d717f241-48bb-4979-8b10-99db36ddabe1

Official Mitre publication for CVE-2021-44228:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228

Ubiquiti’s initial response to the CVE publication:
https://community.ui.com/questions/UniFi-Controller-security-concern-zero-day-Log4j-exploit/007103a6-823b-4316-ae76-17942539208c#answer/b098ad67-22aa-42ce-9580-c0a7d91c4b89

Ubiquiti’s official Security Bulletin:
https://community.ui.com/releases/Security-Advisory-Bulletin-023-023/808a1db0-5f8e-4b91-9097-9822f3f90207

Edit: added link to Ubiquiti’s Security Bulletin

Having worked in the IT industry for many years, Erik has gained broad experience in many IT-related aspects such as security, network management and design and service management. Erik founded Art of WiFi in 2016 to help improve the WiFi experience for as many users and companies as possible.

0 Comments

Leave a reply

Your email address will not be published.

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.