Vendor Patch Exists
VulnerableVendor Resources
| Resource | Link |
|---|---|
| Advisory: Log4J zero-day vulnerability AKA Log4Shell (CVE-2021-44228) Sophos | https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce |
Community Resources
| Resource | Link |
|---|---|
| source | https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce |
Community Notes
| Source | Note |
|---|---|
| NCSC-NL | CVE-2021-4104: Not vuln ; CVE-2021-44228: Fix |
| CISAGov | The Sophos Mobile EAS Proxy, running in Traffic Mode, is affected. Customers will need to download and install version 9.7.2, available from Monday December 13, 2021, on the same machine where it is currently running. PowerShell mode is not affected. Customers can download the Standalone EAS Proxy Installer version 9.7.2 from the Sophos website. |
| CISAGov | Last Update: 12/12/2021 |
Sources
| Date | Attribution | Description |
|---|---|---|
| 2022-01-03 13:16:44 | NCSC-NL | Updated vendorPatchExists. Updated community note. Updated community link source. |
| 2021-12-30 21:31:50 | CISAGov | Updated communityVulnerable. Updated vendor link Advisory: Log4J zero-day vulnerability AKA Log4Shell (CVE-2021-44228) Sophos. Updated community note. Updated community note. |