A critical vulnerability was recently discovered related to systems/software that run Apache Log4j. More information about these vulnerabilities can be found here:
This is an industry-wide vulnerability affecting the Apache Log4j itself and is not specific to NetVault.
How does this affect me?
It has been confirmed that the Apache Log4j2 Zero-Day exploit identified by CVE-2021-44228 and CVE-2021-45046 only impacts NetVault, when leveraging the optional Elastic Search functionality.
To resolve the issues associated with the identified vulnerability, please see the associated NetVault knowledge article 335876.
Affected NetVault versions: 12.x, 13.0, 13.0.1, 13.0.2, 13.0.3
There is an update available for NetVault. Please review the following knowledge article for the update package and installation instructions.
For any questions or assistance on this topic please contact Quest Technical Support.We apologize for the inconvenience this issue may have caused and look forward to assisting you in the future.