Pragma Products Not Affected by Apache Log4j Vulnerability – Pragma Systems

Press Release

Company / News

Pragma Products Not Affected by Apache Log4j Vulnerability

Austin, Texas, USA {December 14, 2021} – Pragma Systems products are not impacted by
the critical Apache Log4j vulnerability known as CVE-2021-44228. Pragma Telemote,
Pragma Telemote Viewer, Pragma Fortress SSH Server, Pragma Fortress SSH Client
and Pragma TelnetServer do not use any java libraries in the products.

Background

On December 10th, 2021, a zero-day exploit was observed in the wild targeting a
Remote Code Execution (RCE) vulnerability in the Apache Log4j utility
(a Java open source logging tool). This vulnerability allows attackers to inject
arbitrary code in the Java library Apache Log4j for versions 2.0-2.14.1.
This Java library is widely used by multiple closed and open source projects
including Apache Struts. The Log4j vulnerability, also referenced as log4shell,
is caused due to the lack of input sanitization whereby when a web application or
mobile application server leveraging Log4j to log messages accepts an input and
then logs it, a malicious unauthenticated actor can then force the Log4j service
to receive a payload or malicious code from another remote server. This will impact
the confidentiality, integrity, and availability of the web application server and
its data.

The Apache Software Foundation has released an emergency security update to patch
a zero-day vulnerability in Log4j, a Java library that provides logging capabilities.

The patch—part of the 2.15.0 release—fixes
a remote code execution vulnerability (CVE-2021-44228).

About Pragma Systems

Pragma Systems, Inc. is a leading provider of enterprise class remote access and
secure file transfer software for Microsoft Windows platforms and is a Cisco
Solution Partner & Microsoft Certified Partner. Pragma is an industry leader of
Secure Shell (SSH), SFTP, SCP and Telnet technologies. Pragma’s SSH product line
has US Army Certificate of Networthiness (CoN 201621769), FIPS 140-2
(Certificate # 3171), US DoD UC APL, and US Army TIC lab certifications as well as
Microsoft Windows Certifications. Pragma’s new product, Telemote, adds graphical
remote desktop and server management built on our secure SSH transport. Pragma’s
software products are deployed in the majority of Fortune 500 companies in the
USA and over 5000 companies worldwide in 100 countries with millions of licensed
nodes. To learn more, visit www.pragmasys.com

###

Contact: Edith H. Myers
Pragma Systems, Inc.
Phone: 512-219-7270
Fax: 512-219-7110
ShowEmail(’emyers’)



Navigation

×

Social Media