CVE-2021-44228, CVE-2019-17571, CVE-2020-9488, CVE-2021-4104, CVE-2022-23302
Updated: Aug 10, 2023
ITC Engineering has reviewed our GoPrint source code, and our findings are:
- GoPrint Solution is using Log4J library below version 2.x and as such, is not affected by the Log4 Shell Exploit (CVE-2021-44228)
- GoPrint does not use SocketServer (CVE-2019-17571) from Log4J and is not affected by the security vulnerability
- GoPrint does not use SMTPAppender (CVE-2020-9488) or chainsaw (CVE-2022-23307) from Log4j and is not affected by the security vulnerability
- GoPrint does not use JMSAppender (CVE-2021-4104) or JDBCAppender (CVE-2022-23305) from Log4j and is not affected by the security vulnerability
- GoPrint does not use JMSSink (CVE-2022-23302) from Log4j and is not affected by the security vulnerability
- All prior known vulnerabilities against Log4J version 1.x do not apply to GoPrint as per our security code review, as we don’t use any of the following vulnerable Appenders:
For GoPrint customers, no further action is required.
For customers who are using PrinterOn, we are advising you to visit
https://www.printeron.com/support/downloads.html to remedy the Log4J vulnerability.
For customers who are using PaperCut, we advise you to visit
Information about this vulnerability published on the National Vulnerability Database is located
Information about this vulnerability from the Apache Software Foundation is published