All Collections
FAQs and Best Practices
Security | FAQ
Is Signagelive impacted by the known log4j logging library (CVE-2021-44228) vulnerability?
Is Signagelive impacted by the known log4j logging library (CVE-2021-44228) vulnerability?
Ian Maison avatar
Written by Ian Maison
Updated over a week ago

In relation to recent queries we've had about the known log4j logging library (CVE-2021-44228) vulnerability as discussed here: https://www.ncsc.gov.uk/news/ apache-log4j-vulnerability

----

Answer:

We are aware of this vulnerability, however, this is not a library we use within our codebase as it is a Java library and we use .NET on our Web and Application Tiers so are not vulnerable.

Outside of the Signagelive platform, it is possible that some of our software tools use this if they are written in Java. We have limited software tools on our web servers and Tenable will pick up any vulnerabilities that we can patch.

For internal tools, as patches are available (if we need any) will be detected by Desktop Central and deployed.

How can I find out more?

You can always search for answers with the Signagelive Help Centre, but rest assured we have a dedicated Support Team that is ready to assist you with any questions you may have. We are always here to help as best we can, so just contact us for any help you require.

Did this answer your question?