Log4j2 Vulnerability Assessment

Update History:

December 15, 2021 1:45 PM US EST - Added RapidFire Tools to Current Status

December 13, 2021 12:54PM US EST - Added MyITProcess to Current Status

December 13, 2021 10:25AM US EST - Added KCB - Acronis

December 12, 2021 at 3:30PM US EST - Added Graphus to Current Status

December 12, 2021 at 12:32PM US EST - Added BitDefender to Current Status

December 12, 2021 at 9:47 AM US EST - Added Spanning G Suite Backup to Current Status

December 12, 2021 at 9:20 AM US EST - Added Traverse to Current Status

December 11, 2021 at 8:22 PM EST - Updated Current Status

December 10, 2021 at 8:30PM EST - Published

Overview

Kaseya is aware of the Log4j2 vulnerability CVE - CVE-2021-44228 (mitre.org) and our product, operations and security teams are currently assessing all products.

As always, please follow cybersecurity best practices including ensuring all of your servers are properly secured behind firewalls, backed up, and not left unprotected on the internet if they are installed on-premises.

Please check back to this site regularly as we will continue to post updates as new information becomes available.

Current Status:

Kaseya has been performing a review of our products, code and production environments.  Currently, our analysis indicates that the products listed below are not affected by this vulnerability.  As this is an evolving threat, we will update this site as new information becomes available.

VSA SaaS & VSA On-Premises

IT Glue

MyGlue

Network Glue 

BMS

Vorex

Passly

Unitrends

Spanning O365 Backup

Spanning Salesforce Backup

Spanning G Suite Backup

ID Agent DarkWeb ID and BullPhish ID

RocketCyber

AuthAnvil

Traverse

BitDefender 

Graphus

Kaseya Cloud Backup Powered by Acronis see - https://security-advisory.acronis.com/advisories/SEC-3859 

MyITProcess

RapidFire Tools Network Detective

RapidFire Tools Cyber Hawk

Compliance Manager

Vulscan

*Other products not listed above are currently under investigation and will be updated as our analysis has completed.

Important Notes:

  1. While the VSA On-Premises, AuthAnvil On-Premises or Unitrends Backup products are not affected, customers should investigate the environment where they have installed the product(s) to ensure the operating systems, other software installed on the server and virtual environments are not affected.  For example, VMware is commonly used to virtualize the underlying infrastructure and they have provided an update on their products at the following link: https://www.vmware.com/security/advisories/VMSA-2021-0028.html 
  2. While Unitrends products are not affected, we want to remind customers that the supported deployment requires that appliances (virtual or physical appliances) should never be exposed to the internet to limit the attack surface.
  3. Our analysis was done on the latest released version of each product.  SaaS products are always on the latest version, but for on-premises products, you should ensure you have updated to the latest version.
Was this article helpful?
5 out of 6 found this helpful
Have more questions? Contact us