---
title: Log4J Vulnerability Announcement
date: 2024-09-23T05:10:00-07:00
author: admin
canonical_url: "https://www.cryoserver.com/blog/log4j-vulnerability-announcement"
section: Blog
---
![Log4J Vulnerability Announcement](https://cynical-zorilla.transforms.svdcdn.com/production/photo-1516259762381-22954d7d3ad2-cropentropycstinysrgbfitmaxfmjpgixidMnwxMTc3M3wwfDF8c2VhcmNofDF8fGNvZGV8ZW58MHx8fHwxNjM5NDA0MDA5ixlibrb-1.2.1q80w2000.jpg?w=1920&h=1080&q=100&fm=webp&fit=clip&dm=1727093441&s=781d9d47d5440936eac395ce18a0bcc3) Sep 23, 2024#  Log4J Vulnerability Announcement 

**UPDATE: 16/12/2021 1030hrs**

Cryoserver is also **not** vulnerable to the <https://nvd.nist.gov/vuln/detail/CVE-2021-45046> variant - as we are not using the affected version of Log4J.

---

**UPDATE: 14/12/2021 1630hrs**

Following our previous announcement, we are pleased to confirm that **no** version of Cryoserver is vulnerable to CVE-2021-44228

Our initial examination of Cryoserver versions &lt;v9.5.0 led us to believe that there existed a back-end vulnerability that could potentially be exploited. We have now confirmed that this is not the case.

Cryoserver customers pre-version 9.5 should nevertheless schedule an upgrade at some point in the future as good practice.

---

**13/12/2021 1400hrs**

On Friday 10th December, Apache announced a critical vulnerability within the LOG4J logging library for Java, called Log4Shell or LogJam.

At 10/10 severity, this is comfortably one of the most serious IT vulnerabilities to have been discovered in recent memory, as Log4J is often installed on both Linux and Windows systems either directly, or often as a requirement of another package or system.

Log4J is included on servers built by Cryoserver.

**All our Cloud services**  
Are not vulnerable to CVE-2021-44228

**On-premises versions of Cryoserver on or above v.9.5.0**  
v9.5.0 released in January 2021 are not vulnerable to CVE-2021-44228

**Versions prior to v9.5.0 are partially vulnerable, as described below.**

CVE-2021-44228 Attack Vectors:

Please see:

[https://www.lunasec.io/docs/blog/log4j-zero-day/](https://www.lunasec.io/docs/blog/log4j-zero-day/?utm_source=hs_email&utm_medium=email&utm_content=2&_hsenc=p2ANqtz-8--Hoqz3UR1BY6fd0Kn7UqWqN70O-DtRopa7UhoJRxYaDpEOgQ8-rXPlUUN4qrgMFRpYha2astfE8L0zIUxW4eQjTX4g&_hsmi=2)

**Web Site Attack Vector**

The attacker uses the public website to initiate the attack.

No versions of Cryoservers' are vulnerable to this attack vector.

**Back-End Attack Vector**

The administrator of Cryoserver has set up an outbound connection to an LDAP server that is under the control of an attacker.

The attacker manipulates the remote LDAP server to initiate the attack.

> Cryoserver v9.5.0 and above is not vulnerable to this attack vector.

As a next step, please email help@cryoserver.com if you have any concerns and/or wish to upgrade to our current 9.6 release.

 

## Read  
*More*

  [ ![How Can Email Archiving Solve FinTech Compliance Concerns?](https://cynical-zorilla.transforms.svdcdn.com/production/photo-1529400971008-f566de0e6dfc-ixlibrb-1.2.1q80fmjpgcropentropycstinysrgbw2000fitmaxixideyJhcHBfaWQiOjExNzczfQ.jpg?w=1024&h=512&q=100&fm=webp&fit=crop&dm=1727093361&s=b7bdcf6fbb738411ceed63eda28c3c3e) 

 Sep 23, 2024## How Can Email Archiving Solve FinTech Compliance Concerns?

### FinTech businesses are innovators who create new approaches and solutions for the challenges facing…

 

 

 ](https://www.cryoserver.com/blog/how-can-email-archiving-solve-fintech-compliance-concerns "Go to Story") [ ![Most Trusted Email Archiving Tool 2019](https://cynical-zorilla.transforms.svdcdn.com/production/photo-1551730459-92db2a308d6a-ixlibrb-1.2.1q80fmjpgcropentropycstinysrgbw2000fitmaxixideyJhcHBfaWQiOjExNzczfQ.jpg?w=1024&h=512&q=100&fm=webp&fit=crop&dm=1727093372&s=57257d514efd52e8d1be0d376ce67a51) 

 Sep 23, 2024## Most Trusted Email Archiving Tool 2019

### For the fourth year running, we have won Most Trusted Email Archiving Tool. We are delighted to see…

 

 

 ](https://www.cryoserver.com/blog/most-trusted-email-archiving-tool-2019 "Go to Story") [ ![GDPR: One Year On](https://cynical-zorilla.transforms.svdcdn.com/production/photo-1473186505569-9c61870c11f9-ixlibrb-1.2.1q80fmjpgcropentropycstinysrgbw2000fitmaxixideyJhcHBfaWQiOjExNzczfQ.jpg?w=1024&h=512&q=100&fm=webp&fit=crop&dm=1727093349&s=6101e75c574e667d9eef9c787080e020) 

 May 01, 2019## GDPR: One Year On

### On May 25th 2018, the EU rolled out a new set of data privacy laws under the General Data…

 

 

 ](https://www.cryoserver.com/blog/gdpr-one-year-on "Go to Story") [ ![Australia Privacy Act 1988 reforms & GDPR](https://cynical-zorilla.transforms.svdcdn.com/production/photo-1515861461225-1488dfdaf0a8-cropentropycstinysrgbfitmaxfmjpgixidMXwxMTc3M3wwfDF8c2VhcmNofDJ8fGF1c3RyYWxpYXxlbnwwfHx8ixlibrb-1.2.1q80w2000.jpg?w=1024&h=512&q=100&fm=webp&fit=crop&dm=1727093411&s=04c0fc2ff3aae3b5b2d397addb108965) 

 Sep 23, 2024## Australia Privacy Act 1988 reforms &amp; GDPR

### The Australian Government is reviewing the Privacy Act 1988. The proposed reforms could affect…

 

 

 ](https://www.cryoserver.com/blog/australia-privacy-act-1988-reforms-gdpr "Go to Story") [ ![Are you ready for the EU’s Digital Operational Resilience Act (DORA)?](https://cynical-zorilla.transforms.svdcdn.com/production/photo-1608817576203-3c27ed168bd2-cropentropycstinysrgbfitmaxfmjpgixidMnwxMTc3M3wwfDF8c2VhcmNofDN8fGV1fGVufDB8fHx8MTY4MDI2OTM0NAixlibrb-4.0.3q80w2000.jpg?w=1024&h=512&q=100&fm=webp&fit=crop&dm=1727093445&s=cf52b72b892954fd8d501a69b98188cc) 

 Sep 23, 2024## Are you ready for the EU’s Digital Operational Resilience Act (DORA)?

### Financial services make the world go round. So it’s important that we keep them up and running,…

 

 

 ](https://www.cryoserver.com/blog/are-you-ready-for-the-eus-digital-operational-resilience-act-dora "Go to Story") [ ![Cloud Computing Predictions For 2020](https://cynical-zorilla.transforms.svdcdn.com/production/photo-1522800613660-62a595533961-ixlibrb-1.2.1q80fmjpgcropentropycstinysrgbw2000fitmaxixideyJhcHBfaWQiOjExNzczfQ.jpg?w=1024&h=512&q=100&fm=webp&fit=crop&dm=1727093367&s=cc57014f668b12144af571167fdda3ef) 

 Sep 23, 2024## Cloud Computing Predictions For 2020

### Cloud computing is big business. In 2018, Statista and CenturyLink valued cloud computing at $180…

 

 

 ](https://www.cryoserver.com/blog/cloud-computing-predictions-for-2020 "Go to Story")
