Log4j Vulnerability CVE-2021-44228 and the LPS Family
No action is required for Loftware Print Server (LPS), or Loftware Label
A label is a design area on the computer screen where a label format is created or edited. Manager (LLM) customers in regard to the recently identified Log4j vulnerability. This includes any clients, Connector See Loftware Connector. applications, or Loftware WebAccess (LWA).
Problem
Tracked as CVE-2021-44228, the vulnerability may allow unauthenticated remote code execution as the user running the application utilizes the Java logging library. For more on the Log4j vulnerability CVE2021-44228, please review: https://logging.apache.org/log4j/2.x/security.html.
Solution
Loftware has determined that neither LPS, LLM, LWA nor any of the Connectors or Clients are affected by the Log4j vulnerability, CVE-2021-44228. There is no action required.
Important: The versions of the log4j library affected by CVE-2021-44228 are "all versions from 2.0-beta9 through 2.12.1 and 2.13.0 through 2.14.1." None of the LPS family of products uses an affected version of the library.
More Information
If you are a Spectrum on premise (not cloud) customer please see the following:
Loftware Spectrum Version 4.0 and earlier
Loftware Spectrum Version 4.1 and later
