Chat now with support
Chat with Support
Self Service Tools
Knowledge Base
My Account
Notifications & Alerts
Product Support
Software Downloads
Technical Documentation
User Forums
Video Tutorials
RSS Feed
Support Essentials
Awards and Testimonials
Getting Started
License Agreement
Support Guide

NetVault Product Notification

Critical Alerts

A critical vulnerability was recently discovered related to systems/software that run Apache Log4j. More information about these vulnerabilities can be found here:

National Vulnerability Database - CVE-2021-44228 ( and  CVE CVE-2021-45046.

This is an industry-wide vulnerability affecting the Apache Log4j itself and is not specific to NetVault.

How does this affect me?

It has been confirmed that the Apache Log4j2 Zero-Day exploit identified by CVE-2021-44228  and CVE-2021-45046 only impacts NetVault, when leveraging the optional Elastic Search functionality.


Quest has released an update package that addresses the Apache Log4j2 Zero-Day exploit identified under CVE-2021-44228 and CVE CVE-2021-45046.

To resolve the issues associated with the identified vulnerability, please see the associated NetVault knowledge article 335876.

Affected NetVault versions: 12.x, 13.0, 13.0.1, 13.0.2, 13.0.3


There is an update available for NetVault. Please review the following knowledge article for the update package and installation instructions.

For any questions or assistance on this topic please contact Quest Technical Support

We apologize for the inconvenience this issue may have caused and look forward to assisting you in the future.