CVE-2021-44228 Log4j2 Exploit
A high severity vulnerability (CVE-2021-44228) impacting multiple versions of the Apache Log4j2 utility was disclosed publicly via the projects GitHub on December 9th, 2021. The vulnerability affects Apache Log4j 2 versions 2.0 to 2.14.1.
We have validated that the following products are not susceptible to the Log4j vulnerability:
- LoadMaster GEO
- LoadMaster MT
- ECS Connection Manager
- Kemp 360 Central
- Kemp 360 Vision
For additional information on this vulnerability as it relates to other Progress products, refer to the Progress Security Center: https://www.progress.com/security
Please see the article below for help using content rules or our WAF engine to protect your applications/servers behind the LoadMaster.
We still highly recommend you patch your applications/servers, the above article is to help alleviate the risk.