Author Topic: MiCollab 9.x Log4j vulnerability  (Read 1990 times)

Offline lundah

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 1216
  • Country: us
  • Karma: +66/-0
  • Senior Chief Grunt
    • View Profile
MiCollab 9.x Log4j vulnerability
« on: December 15, 2021, 10:48:33 AM »
In case you missed the post in the MiVB/3300 forum, MiCollab 9.x is impacted by the Log4j vulnerability. Mitel has issued a security advisory and a patch, which requires a reboot of the MiCollab server:

https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-21-0010


Offline mark.vanderheijden

  • Full Member
  • ***
  • Posts: 130
  • Country: nl
  • Karma: +8/-0
    • View Profile
Re: MiCollab 9.x Log4j vulnerability
« Reply #1 on: December 16, 2021, 04:07:50 AM »
Not only 9.x servers but also 8.x, you can apply the same patch for that versions.

Offline lundah

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 1216
  • Country: us
  • Karma: +66/-0
  • Senior Chief Grunt
    • View Profile
Re: MiCollab 9.x Log4j vulnerability
« Reply #2 on: December 16, 2021, 08:43:28 AM »
Not only 9.x servers but also 8.x, you can apply the same patch for that versions.

Well that's new since I looked at this yesterday. Guess I have a few more systems to patch.

Offline lundah

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 1216
  • Country: us
  • Karma: +66/-0
  • Senior Chief Grunt
    • View Profile
Re: MiCollab 9.x Log4j vulnerability
« Reply #3 on: December 17, 2021, 03:49:04 PM »
A couple more updates are out, MiCollab 7.1 and newer, and MiVB Express 7.1 thru 8.0 are vulnerable and should be patched. Same patch procedure for all versions of these platforms.

EX controller running MiVB 9.2 is also vulnerable but a patch is not out yet.


 

Sitemap 1 2 3 4 5 6 7 8 9 10