Vista Log4j Critical Information Update

You may have seen recent news about a “Critical vulnerability” in the popular Log4j logging library being reported ((CVE-2021-44228), nicknamed Log4Shell.

The vulnerability is tracked as CVE-2021-44228 and is a remote code execution vulnerability that can give an attacker full control of any impacted system.

We have contacted all of our suppliers and they have confirmed there is no issues with the current Vista products.

Category WEB VIEWER Whether use log4j Remark
VK2 Cameras X Not affected
VIPER DVR/NVR WINDOWS X Not affected
MAC O The affected part is core/lookup/JndiLookup.class, but the file does not exist in the version we are using.

 

1. No core/lookup/JndiLookup.class file

2. In iOS, if we do not use Log4j, the program cannot be created, so we have to include it, but we are not actually using it.

DDNS X Not affected
DVRNS X Not affected
Viper Central WINDOWS X Not affected
MAC X Not affected
VLI Cameras   X Not affected
PVM Monitors   X Not affected
Qulu /

Nx Witness

  X There is a statement here:

https://support.networkoptix.com/hc/en-us/community/posts/4415773312791-Log4j-zeroday-vulnerability-does-not-affect-Nx-Witness-VMS-and-it-s-services-

 

 

If you have any further queries, please do not hesitate to contact our technical support team on 0118 912 5125 or email us [email protected]

Kind regards,

Vista Team