myDRE NOT vulnerable for CVE-2021-4428 - Apache Log4J2

myDRE NOT vulnerable for CVE-2021-4428 - Apache Log4J2

anDREa does not use Apache Log4J2 nor forks in production.

update: 2021/12/13
Workspaces that might have installed Log4J2 on their VM(s), Windows or Linux, are not vulnerable for no Workspace is allowed to have inbound access.


Update: 2021/12/13
Ticket and Knowledge Base (support.mydre.org, running on ZoHo Desk) is not vulnerable.

    • Related Articles

    • myDRE is NOT vulnerable for Text4Shell (CVE-2022-42889)

      TL;DR myDRE is NOT vulnerable for Text4Shell (CVE-2022-42889). The National Cyber Security Center (NCSC) has announced that a vulnerability with impact High/High (CVE-2022-42889) has been identified in Apache Commons Text v1.5-v1.9. It is being ...

    • myDRE is NOT vulnerable for CVE-2022-26809

      Last “patch Tuesday” Microsoft disclosed and fixed a large number of serious vulnerabilities in Microsoft Windows. One of these vulnerabilities is identified as CVE-2022-26809 with a CVSS score of 9.8 (scale 1-10). myDRE is NOT vulnerable for ...

    • Vulnerability in Apache Log4j (CVE-2021-44228)

      Background See: https://nvd.nist.gov/vuln/detail/CVE-2021-44228 Impact on anDREa and all its services Production anDREa does not use Log4J or forks in production. Impact: NONE Actions: no action needed update: 2021/12/13 Workspaces that might have ...

    • myDRE is NOT vulnerable for CVE-2022-26809 - Serious Vulnerabilities in Microsoft Windows Workplaces and Servers

      Situation Last “patch Tuesday” Microsoft disclosed and fixed a large number of serious vulnerabilities in Microsoft Windows. One of these vulnerabilities is identified as CVE-2022-26809 with a CVSS score of 9.8 (scale 1-10). CVE-2022-26809 is a ...

    • Roles in myDRE workspace

      Roles are defined per workspace. A myDRE user can have different roles in different workspaces they are part of. The role definitions are defined further in this document: Roles in myDRE workspace.