-
2
- #21
PSN005946u is available regarding IP Office:
Products affected
IP Office Perpetual, Subscription, Powered By VM
Releases: 11.0.4.1 to 11.0.4.6. 11.1.0.0 to 11.1.2.0
Problem description
The one-X Portal for IP Office, Media Manager, Web RTC Gateway and Web Collaboration
applications are susceptible to the Log4j vulnerability CVE-2021-44228: Apache Log4j2 JNDI features
do not protect against attacker controlled LDAP and other JNDI related endpoints.
This issue does not affect IP Office Basic Edition, Preferred Edition, Branch deployments or IP Office
Powered By Containers
Resolution
A patch will be provided on or before 17th December 2021 to remediate all affected releases.
Workaround or alternative remediation
Ensure one-X Portal for IP Office, Media Manager, Web RTC Gateway and Web Collaboration
services are disabled
Products affected
IP Office Perpetual, Subscription, Powered By VM
Releases: 11.0.4.1 to 11.0.4.6. 11.1.0.0 to 11.1.2.0
Problem description
The one-X Portal for IP Office, Media Manager, Web RTC Gateway and Web Collaboration
applications are susceptible to the Log4j vulnerability CVE-2021-44228: Apache Log4j2 JNDI features
do not protect against attacker controlled LDAP and other JNDI related endpoints.
This issue does not affect IP Office Basic Edition, Preferred Edition, Branch deployments or IP Office
Powered By Containers
Resolution
A patch will be provided on or before 17th December 2021 to remediate all affected releases.
Workaround or alternative remediation
Ensure one-X Portal for IP Office, Media Manager, Web RTC Gateway and Web Collaboration
services are disabled