Log4j image.

Yet another Apache Log4j vulnerability

Summary

A vulnerability (CVE-2021-45046) was discovered in the recently released fix for the previous vulnerability in Apache Log4j, which we discussed here. This new vulnerability affects all UniFi Controller/Network Application versions 6.5.54 and lower.

Recommendations

The Apache team has released a new fix, which Ubiquiti has implemented in UniFi Controller/Network Application version 6.5.55. We highly recommend that all UniFi users update to this version as soon as possible.

This latest vulnerability has no effect at all on any of the Art of WiFi solutions.

When in doubt whether the Art of WiFi solution you’re using will work with that new UniFi Controller/Network Application release, please reach out to us.

External links

UniFi Controller/Network Application version 6.5.55:
community.ui.com

Official Mitre publication for CVE-2021-45046:
cve.mitre.org

Posted on: December 15th, 2021

On: Security

log4j

security

Share this on social media