Home Image-Pro FAQs

Log4j vulnerability and Media Cybernetics products

Media Cybernetics was made aware of an exploit in the Java logging library, Log4j, which impacts versions 2.14.1 and lower. This vulnerability allows attackers, who can control log messages or parameters, to execute arbitrary code. Full details can be found in the public advisory ( https://nvd.nist.gov/vuln/detail/CVE-2021-44228 )

After a thorough investigation of our products, this vulnerability was identified in the Network License Server used by Image-Pro 10.0.0 and above. Specifically, the License Administration tool, hosted in Apache Tomcat, used versions of Log4j that were affected by this vulnerability.

Please use the following link to download an updated version of the Image-Pro Network License Server, version 10.0.12, that resolves this issue.


Using the License Server Toolkit, please stop the License Server and Uninstall prior to running this installer. 
Sign In or Register to comment.