Security Bulletin

December 22, 2021

Traficom has reported a vulnerability in Apache Log4j component 13th December 2021.  Log4j is extremely widely used in different services and applications. Because of its popularity, many services online are affected by the zero-day vulnerability that has now been published.

Applications listed below have been audited for vulnerabilities by Novatron´s experts, and the necessary actions have been taken to fix the vulnerability.

Xsite® MANAGE Cloud Service  

• The service provider has fully deployed system update to Xsite® MANAGE.

LandNova: 14.3.0.904

• Apache Log4j component is not in use in machine control systems.

Xsite APP: 2.6.477

• Apache Log4j component is not in use in machine control systems.

3D-Win software

• Apache Log4j component is not in use in application.

More information:

Paul Antila, ICT Manager
Novatron Oy