The following information was released by Warwick partner, Mitel, about their Apache Log4J product. If you have any questions, please contact us.
As you may be aware, a critical security vulnerability affecting Apache Log4J was recently disclosed. The vulnerability in the Apache Log4J Java logging library allows attackers to remotely execute arbitrary code, potentially impacting businesses and governments across the globe (read the Mitel Security Advisory for additional detail, including affected products and products under investigation). Mitel has not observed a successful exploitation of the vulnerability, however, through rigorous investigations and analysis we have determined there are potential impacts to Mitel Partners and customers that can be proactively addressed.
Please refer to the Security Advisory page on mitel.com for the latest information about the security vulnerability, affected Mitel products, and recommended actions and fixes. Currently, we have Identified a risk and fix for MiCollab. When, and if, additional vulnerabilities are identified, fixes will be rolled out and communicated.
Customers should contact their Partner for assistance, as needed. If Partners have additional questions or support needs, they are advised to contact Mitel support.