XPLG Update: Apache Log4J critical vulnerability

Modified on Tue, 14 Nov 2023 at 10:54 AM

Apache Log4j critical vulnerability (CVE-2021-44228) was brought to our attention on Fri, Dec 10th. The Apache Log4j 2 is an open-source Java package that allows developers to log activity within applications. The vulnerability was exploited by attackers worldwide, allowing malicious strings to be logged.

Were XPLG products affected by the vulnerability?

  • XPLG was not affected by the Log4J 2 vulnerability.
    After an extensive security audit of the entire XPLG environment, we have found that none of the XPLG product suite systems contain the software identified in the vulnerability disclosure.

  • What security actions XPLG’s has taken?
    XPLG users do not need to take any immediate actions. 
    We have been working to assure the security of our environment since this vulnerability was made public.

  • XPLG Next Security Patch *Announced soon
    Although this vulnerability does not compromise XPLG users, we are always committed to keeping our products' security up to date. The next security patch will contain the latest secured Log4j version and will be released within a few days.

We strongly encourage you to review other applications in your IT environment and, if necessary, take immediate action. We gathered some helpful resources here

Please reach out to our team if you have any questions.


Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select atleast one of the reasons

Feedback sent

We appreciate your effort and will try to fix the article