Log4j vulnerability and Media Cybernetics products
Media Cybernetics was made aware of an exploit in the Java logging library, Log4j, which impacts versions 2.14.1 and lower. This vulnerability allows attackers, who can control log messages or parameters, to execute arbitrary code. Full details can be found in the public advisory ( https://nvd.nist.gov/vuln/detail/CVE-2021-44228 )
After a thorough investigation of our products, this vulnerability was identified in the Network License Server used by Image-Pro 10.0.0 and above. Specifically, the License Administration tool, hosted in Apache Tomcat, used versions of Log4j that were affected by this vulnerability.
use the following link to download an updated version of the Image-Pro Network
License Server, version 10.0.12, that resolves this issue.