Blancco is aware of the remote code execution vulnerability (CVE-2021-44228) which was reported in the Apache Log4J library on 10th December 2021. This commonly used library is utilized by the Blancco Management Console.
We are working on addressing the vulnerability on the highest priority and will be providing a fix version later today.
Blancco Cloud and any other Blancco hosted instances affected by this vulnerability have been already patched and are not affected by this anymore. For the on-premise version of Blancco Management Console, there will be a fix release, version 5.11.1, available as soon as possible to mitigate this vulnerability. This news post will be updated after the fix release is available for download.
If you need additional details or you have any questions regarding the vulnerability, you can submit a ticket atsupport@blancco.com or through the Support Portal.
CVE-2021-44228 - Critical vulnerability in Apache Log4j library
Blancco is aware of the remote code execution vulnerability (CVE-2021-44228) which was reported in the Apache Log4J library on 10th December 2021. This commonly used library is utilized by the Blancco Management Console.
We are working on addressing the vulnerability on the highest priority and will be providing a fix version later today.
Blancco Cloud and any other Blancco hosted instances affected by this vulnerability have been already patched and are not affected by this anymore. For the on-premise version of Blancco Management Console, there will be a fix release, version 5.11.1, available as soon as possible to mitigate this vulnerability. This news post will be updated after the fix release is available for download.
If you need additional details or you have any questions regarding the vulnerability, you can submit a ticket at support@blancco.com or through the Support Portal.