AxTraxNG and log4j vulnerability CVE-2021-45046

AxTraxNG and log4j vulnerability CVE-2021-45046

On Dec. 9, 2021, a remote code execution (RCE) vulnerability in Apache log4j 2 was identified being exploited in the wild. Public proof of concept (PoC) code was released and subsequent investigation revealed that exploitation was incredibly easy to perform. By submitting a specially crafted request to a vulnerable system, depending on how the system is configured, an attacker is able to instruct that system to download and subsequently execute a malicious payload. Due to the discovery of this exploit being so recent, there are still many servers, both on-premises and within cloud environments, that have yet to be patched. Like many high severity RCE exploits, thus far, massive scanning activity for CVE-2021-44228 has begun on the internet with the intent of seeking out and exploiting unpatched systems

This Article comes to confirms that none of Rosslare’s software products (Windows and Mobile application)  including AxTraxNG implements log4j. Our products are safe and not open to the CVE-2021-45046 vulnerability 

    • Related Articles

    • AxTraxNG not logging some event

      By default AxTraxNG and Rosslare access control panels filter events such REX input open\close and Door output open\close to reduce the number of events to be stored while the access control panel is offline. To log those events, go to the panel ...

    • How to upgrade from AxTraxNG to AxTraxPro

      This technical note gives the procedure to upgrade from AxTraxNG™ v27.7.1.18 or above to AxTraxPro™ v28.0.x.x. Upgrade to AxTraxPro is only available from AxTraxNG version 27.7.1.18 and above, if your version of AxTraxNG lower then AxTraxNG version ...

    • AxTraxNG client shutdown Automatically

      On AxTraxNG version 27.7.1.9 and higher version a new  auto logout feature was presented.  By default Administrator operator will have 10 min of no action on AxTraxNG client before auto logout, all other operators have no timeout. For Administrator ...

    • Dual Authentication on AxTraxNG

      AxTraxNG support 2 options for dual Autentication: Dual authentication - 2 credentials (any credential\pin) from the same user are required to gain access to a secure door. Card + Card mode - 2 or 3 users (based on configuration) are required to gain ...

    • How to obtain AxTraxNG server logs.

      In some cases Rosslare Technical support specialist will request that you will  send us the AxTraxNG server logs.  To obtain the logs go to AxTraxNG server installation folder under this path: C:\Program Files (x86)\Rosslare\AxTraxNG Server Look for ...

    Couldn't find what you are looking for?

    Please feel free to contact us:

    NORTH AMERICA & CANADA

    Toll Free: 1 866 632 1101
    Telephone: 1 817 305 0006

    EUROPE

    Telephone: 972 4 9577 183

    LATIN AMERICA

    Telephone:  54 11 4001 3104

    APAC, MIDDLE EAST AND AFRICA

    Telephone: 852 2795 5630

    CHINA

    Telephone: 86 755 8610 6842

    INDIA

    Telephone: 91 20 40147830