It is:L. Mark Stone wrote: 1.2.16 version of Log4j used by Zimbra is NOT subject to this exploit.
https://github.com/apache/logging-log4j ... -990494126
Search found 3 matches
- Fri Dec 10, 2021 11:48 pm
- Forum: Administrators
- Topic: log4j-zero-day exploit - active attacks
- Replies: 44
- Views: 49164
Re: log4j-zero-day exploit - active attacks
https://github.com/apache/logging-log4j ... -990494126
- Fri Dec 10, 2021 11:31 pm
- Forum: Administrators
- Topic: log4j-zero-day exploit - active attacks
- Replies: 44
- Views: 49164
Re: log4j-zero-day exploit - active attacks
I don't see an option to send you a PM. Might be as my account is new or something. Am happy to send you infos to replicate it yourself.L. Mark Stone wrote: If anyone can prove otherwise, please send me a private message and I will get this escalated within Synacor.
- Fri Dec 10, 2021 11:03 pm
- Forum: Administrators
- Topic: log4j-zero-day exploit - active attacks
- Replies: 44
- Views: 49164
Re: log4j-zero-day exploit - active attacks
Can confirm Zimbra 8.8.15_GA_4177 is vulnerable as well.