Log4J Vulnerability CVE-2021-44228

Log4J Vulnerability CVE-2021-44228

Issue

A vulnerability was discovered in Apache Log4j2. Does this vulnerability affect Unified Workspace? If so, how do we go about mitigation of the vulnerability?



Solution

Unified Workspace does use Log4J 1.2.16.

We have confirmed that Log4J 1.x does NOT offer a JNDI lookup mechanism at the message level, and therefore is NOT susceptible to this vulnerability.


Our developers, however, are currently working on upgrading Log4J to the most current release, in the next release of Unified Workspace.
    • Related Articles

    • Log4J 1.x Vulnerability CVE-2021-4104

      Issue A vulnerability was discovered in Apache Log4j1.x. Does this vulnerability affect Unified Workspace? If so, how do we go about mitigation of the vulnerability? CVE-2021-4104 Solution Unified Workspace does use Log4J 1.2.16. This vulnerability ...
    • How to setup console log to file

      Problem:  Troubleshooting an issue, but it is only happening intermittently.  Real-time logging is not sufficient in these instances, so you can setup logging to file instead.    Prerequisite(s): webNetwork 6.3.0.199 or above Ability to ...
    • How much data is stored in the Internet history log?

      Problem: How much data is stored in the Internet history log? Solution(s):  The internet history log file can grow to 500 KB and then it rolls over. That should translate to a few months worth of student data. *When right-clicking a Student thumbnail ...
    • How can I notify a user, when they log in, that their password will expire soon?

      This is a sample profile Login Script that will tell the user when their password expires, each time they log into webNetwork / Unified Workspace.  Once the user reaches the limit where their password will expire in 4 days, the Change Password link ...
    • webRDP 1.3.0.6

      webRDP HTML Gateway 1.3.0.6 release notes Maintenance updates: Updated licensing engine to support new 1.3 license files Added Clickjacking security (consequently broke iframes, a fix is currently in process) Updated JVM to 1.8 update 141 Updated ...
    • Popular Articles

    • Configuring and Troubleshooting Wake on Lan

      This content has moved! Visit the new LanSchool Classic Help Desk It looks like you may be interested in Configuring and Troubleshooting Wake on Lan.
    • Reporting server discovery

      The discovery of the reporting server is done automatically and cannot be configured by the end user.  The reporting server will broadcast on UDP 796 a packet containing the address of the reporting server.    - In a peer to peer environment, the ...
    • Registry Switches for Options

      Problem: What are the registry switches for the Options key? Solution(s): In the registry of the Teacher or Student machine, locate the following registry location and make changes to the key named Options: 32-bit:  HKLM\Software\Lanschool 64-bit:  ...
    • Configuring Enterprise Data Collection on the LCS

      Get even more from your classroom management solution with educator usage data. Determine whether or not LanSchool is effectively incorporated into the classroom on a school- or district-wide scale.  This guide will show you how to enable and ...
    • Creating a shortcut to Open Teacher Console

      Problem: How to create a Teacher Console shortcut on Windows. Cause: N/A Prerequisite(s):  LanSchool Teacher on Windows Solution(s): To create a shortcut and have the console popup in Windows.  To create a shortcut and send the LanSchool Teacher to ...
    • Recent Articles

    • X-Content-Type-Options=nosniff header breaks Public webApp

      Issue Customers have added security headers to their SSL Offloading appliance to meet new security standards.  Now when launching a Public webApp, instead of the application properly launching the browser just displays the HTML code. Solution We've ...
    • Unified Workspace Support for Windows Server 2022

      Issue Is Windows Server 2022 supported by Unified Workspace? Solution We are still in full testing of UW on Windows Server 2022, however we are seeing that UW functions properly on Server 2022. The issue we have with Windows Server 2022 is that our ...
    • Log4J 1.x Vulnerability CVE-2021-4104

      Issue A vulnerability was discovered in Apache Log4j1.x. Does this vulnerability affect Unified Workspace? If so, how do we go about mitigation of the vulnerability? CVE-2021-4104 Solution Unified Workspace does use Log4J 1.2.16. This vulnerability ...
    • Log4J Vulnerability CVE-2021-44228

      Issue A vulnerability was discovered in Apache Log4j2. Does this vulnerability affect Unified Workspace? If so, how do we go about mitigation of the vulnerability? CVE-2021-44228 Solution Unified Workspace does use Log4J 1.2.16. We have confirmed ...
    • Management Console non-directory credentials

      Question How can I access Unified Workspace if my directory credentials are not working? For example: We are having directory issues and need to configure Unified Workspace to connect to a different Directory Controller. Solution The Management ...