Log4J Vulnerability CVE-2021-44228
Issue
A vulnerability was discovered in Apache Log4j2. Does this vulnerability affect Unified Workspace? If so, how do we go about mitigation of the vulnerability?
Solution
Unified Workspace does use Log4J 1.2.16.
We have confirmed that Log4J 1.x does NOT offer a JNDI lookup mechanism at the message level, and therefore is NOT susceptible to this vulnerability.
Our developers, however, are currently working on upgrading Log4J to the most current release, in the next release of Unified Workspace.
Can't find the KB
Unable to find the KB to address your issue ?
Recent Articles
Change Reset Password Button Text
Change the text of the "Reset Password" button on the UW Login Page How to change the text of the Reset Password button on the Login Page. Login to webNetwork and open webAdmin on your Relay Central Server Expand Customization Center Expand Tenants ...
Remove Reset Password Button From Login Page
Remove the Reset Password Button from the Login Page How to remove the Reset Password button from the Unified Workspace login page. Login to webNetwork and open webAdmin on your Relay Central Server Expand Customization Center Expand Tenants Expand ...
Lenovo Unified Workspace End-of-Life Questions and Answers
As of January 31st 2024, Lenovo Unified Workspace (formerly Stoneware WebNetwork) is no longer supported. This means that we no longer provide licenses, downloads, updates, patches, or technical assistance for this product. If you have any questions ...
How do I determine my Unified Workspace license expiration date?
The best method for determining the licensing information including the expiration date of your Unified Workspace license: Login to your 8090 management console on each server This may take remoting into each LUW server and relay, opening a browser, ...
Lenovo Unified Workspace 7.0.2.13 Released
Highlights of Unified Workspace 7.0.2.13 Before you install: Please view the installation notes here. 7.0.2.13 requires a 7.0 license file. Below is a list of enhancements and fixes released in Unified Workspace 7.0.2.13 Fixed external storage ...
Related Articles
Log4J 1.x Vulnerability CVE-2021-4104
Issue A vulnerability was discovered in Apache Log4j1.x. Does this vulnerability affect Unified Workspace? If so, how do we go about mitigation of the vulnerability? CVE-2021-4104 Solution Unified Workspace does use Log4J 1.2.16. This vulnerability ...
How to setup console log to file
Problem: Troubleshooting an issue, but it is only happening intermittently. Real-time logging is not sufficient in these instances, so you can setup logging to file instead. Prerequisite(s): webNetwork 6.3.0.199 or above Ability to ...
How can I notify a user, when they log in, that their password will expire soon?
This is a sample profile Login Script that will tell the user when their password expires, each time they log into webNetwork / Unified Workspace. Once the user reaches the limit where their password will expire in 4 days, the Change Password link ...
Google Security Checkup warning about UW access
Issue Google Security Checkup warns about the user's webStorage access to Google Drive as a possible security vulnerability. This is due to the developer being an Unverified developer. Unfortunately, Google verifies each application site ...
Debug CIFS file nodes
** Test with the Net use command ** From the main stoneware server go to a cmd prompt and type : ping server Where server = the server name that holds the share. Make sure the ip number that comes back is the proper ip number then do a : ping -a ...