Search
Homepage Rankings and Research Companies Channelcast Marketing Matters CRNtv Events Acronis #CyberFit Summit 2021 Avaya Newsroom Experiences That Matter Cisco Partner Summit Digital 2020 Intel Partner Connect 2021

10 Technology Vendors Affected By The Log4j Vulnerability

Vulnerable Log4j code can be found in products from some of the most prominent technology vendors like Cisco, IBM, and VMware, and as well as one serving the MSP community like ConnectWise and N-able.

1   2   3   ... 11 Next

Code Calamity

The critical vulnerability disclosed last week in Java logging package Log4j sent shockwaves throughout the industry given how frequently that open-source library is used to develop enterprise software. Vulnerable code can be found in products from some of the most prominent technology vendors like Cisco, IBM and VMware, and as well as ones serving the MSP community like ConnectWise and N-able.

“Normally a vulnerability is reported privately to the software maintainers, who then have time to repair the issue and release an update, so attackers don‘t gain a temporary advantage,” VMware wrote in a frequently asked questions (FAQ) document posted to its website. “With a zero-day disclosure like this one, attackers have an advantage while software maintainers scramble to develop the fix.”

Vendors with susceptible versions of Log4j code have been hard at work since Friday developing workarounds, patches and updated versions of their products that eliminate the risk of exploitation. However, some of the impacted products won’t be fixed until early 2022, while resolution dates haven’t each been announced for other vulnerable products.

 
 
1   2   3   ... 11 Next

sponsored resources