Security Alert CVE-2021-44228

ITC Engineering has reviewed our GoPrint source code, and our findings are:

1. GoPrint Solution is using Log4J library below version 2.x and as such, is not affected by the Log4 Shell Exploit (CVE-2021-44228)

2. All prior known vulnerabilities against Log4J version 1.x do not apply to GoPrint as per our security code review, as we don’t use any of the following vulnerable Appenders:

    • SocketAppender
    • SMTPAppender
    • JMSAppender
    • log4j.appender.server
    • log4j.appender.jms
    • log4j.appender.email

3. No further action is required:

For customers who are using PrinterOn, we are advising you to visit

https://www.printeron.com/support/downloads.html to remedy the Log4J vulnerability.

 

For customers who are using PaperCut, we advise you to visit

https://www.papercut.com/kb/Main/Log4Shell-CVE-2021-44228

 

Information about this vulnerability published on the National Vulnerability Database is located

at https://nvd.nist.gov/vuln/detail/CVE-2021-44228.

 

Information about this vulnerability from the Apache Software Foundation is published

at https://logging.apache.org/log4j/2.x/security.html