Subscriber Discussion

Lenel-S2 Affected By Log4j Exploit?

Are Lenel-S2 Netbox and VRx products affected by the Log4j exploit?

Agree
Disagree
Informative
Unhelpful
Funny
Login to read this IPVM discussion.
Why do I need to log in?
IPVM conducts reporting, tutorials and software funded by subscriber's payments enabling us to offer the most independent, accurate and in-depth information.

* **** * ******* **** ******* for *** ******* ***** ** ********. They *** ******** ** **** * response *****. * **** **** **** I *** *** ***********. *****'* ***** anything ** ** *** *** *'* guessing **** **** ******* **** ** the **** ****.

******* **** ** **** **** **** based ***** ** ***** *** *** browser **** *** *** **** ** they ***** **.

Agree
Disagree
Informative
Unhelpful
Funny

***** ***

Agree
Disagree
Informative
Unhelpful
Funny

`*********** *** ********* *** ********* ** do *** **** **** **** ******* vulnerability (***-****-*****). **** ** **** *** NetBox, ***, *** ******.`

Agree: 1
Disagree
Informative: 2
Unhelpful
Funny

***** ***

Agree
Disagree
Informative
Unhelpful
Funny

*** ** ******** ********* ******* *** but * *** ****:

"********* **** ******* *.* ** ********, and **** *** ** ********* *********** by ********* *** ** ********* *******. We *** ******* *** **** ** provide * “***” *** *** ***** library. **’** **** *** ** ****** when **** *** **** *********. *** cybersecurity *** ******* ********** ***** *** in ************* **** **** ***** **** is ****."

Agree
Disagree
Informative: 2
Unhelpful
Funny

*******

Agree
Disagree
Informative
Unhelpful
Funny: 1

{ *-**** ******** ****LenelS2 <*******@*******.***> ** **/**/**** ** **:** ** EST }

*******: ******: “*********” ************* ********* *** Mitigation

“*********” ************* ********* *** **********

**********

  • ** ******** **, ****,***-****-******** ********* ** * ****** **** Execution ************* ** *** ****** ***** library, * ****-***** ******* *******. **** vulnerability ****** ** ******** *** *** control *** ******** ** ******* ********* code ****** **** ********-********** *******. ****** quickly ******** ***** *.**.* ** ******* the *************, ** **** ** ******* other ******** *********** *** ********** ***** a ******* ******* *** *** ********.
  • ******** **, ****,***-****-************* *** ***** ** ******* ***** 1.2.x.
  • ******** **, ****,***-****-******* *** ***** **** *** *** to ******* ***-****-***** ** ****** ***** 2.15.0 *** ********** ** ******* ***-******* configurations. ****** ********* **** *** ******* of ***** *.**, ** **** ** other ******** *********** *** ********** ***** a ******* ******* ** *** *********. More *********** ***** *** ******* *************** is ******** ** *** ****** ********** at***** – ****** ***** ******** ***************.

Carrier ************* *********

******* ** ******* ******* *** ********** to *********** *** ********* ******* ** the ***** *************** ****** *** ********* of *********. *** ******* ******** ******** Response **** (*****) ************* ******** **** Log4j ******** **** ***** *************** *** present ** *******® ******** ******** *.* (and *.* ****** *) ***********, ** well ** ** ******™ ******** ******** 5.4.3 *** *****, ****** ****** ******** versions *.* *** *****, ***™ ******** versions *.*.* *** *****, *** ********™ Video ******** ******* ****-***** *** *****.

** ** ********* ****-****** *** ******* software ******** *.* *** *.* ****** 1, ********* *** ******* "** *********" service, ** ******** ** ** ** effective ********* ********** ** *** ***** vulnerabilities. *******, **** ******* **** ******* "OnGuard ********* & **********" *************. ******* Reports ************* **** ** **********. **** temporary ********** ** *** ********** * long-term ********.

***** ******** ******** ** *** ***** 1.2.x ********* **** ** *** ******, NetBox ******, *** *** ******** ***** Recorder ********, ******* ******** **** **** of ***** ******** *** ************ ********** to *** *** ********** **** ********* integration. *** ** ** ********* ** caution *** ** ********* **** *** firm ********** ** ******** *** ******** posture ** *** *********, ******* **** provide ** ****** ** *** *** affected ******** ** ****** *** *********** vulnerable ******** ** ***** ** **** as ********.

About ****** ******* *************

** *******, ****** *** *********** ******** is ********. ** ****** ********, ******** and *********** ***** ******** ****** ******* Cybersecurity – * **** ** ****** experienced *** ************ ********; ******* *** dynamic ************* ****** ******* ***’** ********** prominent ***** *** **************** ** *********, building, *** ********* ****** ****** ******* systems.

*** ******* ******** ******** ******** **** (PSIRT) ******* ** *** **************, **********, and *********** ** *** ***** ********** with ******** *************** ****** *** *** products, *********, *********, ********** ***/** ********. PSIRT ** * ********* **** ** first ********** *********** *** ********** ******** support ******** ** ******* *** ******** the ****** *** ****** ** * product ******** *****, ********, ******, ***/** crises. ​ ​

*** **** *********** ***** ****** ******* Cybersecurity *** *****, ****** ***** ** at:*****://***.*********.*******.***/*******-********/. *** *** **** ******* ** at:***************@*******.***.

****** *** **** *** *********, ****** contact **** ******* ************** ** *** LenelS2 ********* ******* *****.

***** *** *** **** ********* ******* of *******.

Agree
Disagree
Informative
Unhelpful
Funny

******:

**** ****** ******** ********** ***********, *******, and *********** ** *** **** ***** December **, ****, ** *** **** topic.

*******

  1. **********: *** ******** **, **** **** listed ******* ******** **** ******* *** Log4j ********** ******** ** ***** ****** CVEs. ** ************* ******* *** *******. Our ********* ********* ** ** *******:

******* ** ******* ******* *** ********** to *********** *** ********* ******* ** the ***** *************** ****** *** ********* of *********. *** ******* ******** ******** Response **** (*****) ************* ******** **** Log4j ******** **** ***** *************** *** present ** *******® ******** ******** *.* (and *.* ****** *) ***********, ** well ** ** ******™ ******** ******** 5.4.3 *** *****, ****** ****** ******** versions *.* *** *****,*****™ ******** ******** *.*.* *** *****, ***™ ******** ******** *.*.* *** below, *** ********™ ***** ******** ******* 2021-1209A *** *****.

  1. *************: *** ******** ****** ***** (***** than ******* ******** ******** * *** 8.0 ****** *) ** ******* ***** version *.*.*, *******, **** ***** **** is ****************** ********** ** *** *********** (** explained *****-****-****), ***** ** *** *** **** in *** ** ***** ******* ********. Nonetheless, ** ** ***** *** ********* to ******* ******* *** ***** ******** to ********* *** ********** ******* ** Log4j.
  2. ******: *** ******** **, **** **** provided * ********* ********** *** ******* software ******** *.* *** *.* ****** 1, ***** ******** *** ********** ***** code *** **** ******** *** “******* Reporting & **********" *************. ** ** Friday, ******** **, ****, * ***** is *** ********* *** ***** ******* versions **** ******* *** ***** ********** to *** ****** ******* ** ** that ****, ********* * ********* *** for *** ***** ***** ***************. **** patch *** ** ********** ** ********** users **** ********** ******* ******** ********* ********* > ******* > OnGuard *.*.

******* **** ******** ** ******* ********** updates ********* *** ********* ***** *** our ******** ** ** ** ***********.

Agree
Disagree
Informative
Unhelpful
Funny