Details
-
Story
-
Status: Resolved
-
Critical
-
Resolution: Fixed
-
chat 3.15.6
-
International Projects (InternationalProjects)
Description
Vulnerability
The CVE-2021-442288 vulnerability was found in the following Java-based components in HC:
- CCM
- Communication Server
- Routing Engine
Implementation
This vulnerability is caused by Log4J2 in versions older than 2.15.0. It is recommended to update the Log4J2 library to at least ≥ 2.16.0 which resolves the following two vulnerabilities:
- CVE-2021-44228 - Critical
- CVE-2021-45056 - Low