ScopTEL is not effected by CVE-2021-44228 log4j vulnerability

ScopTEL is not effected by CVE-2021-44228 log4j vulnerability

ScopServ is aware of the Apache log4j vulnerability and has completed verification that this issue does not affect ScopTEL products or services.

Log4j is a java addon, no ScopTEL code is written in Java.


On December 9th 2021, Apache published a zero-day vulnerability (CVE-2021-44228) for Apache Log4j being referred to as “Log4Shell”. This vulnerability has been classified as “Critical” with a CVSS score of 10, allowing for Remote Code Execution with system-level privileges.

See: https://nvd.nist.gov/vuln/detail/CVE-2021-44228


When exploited, this vulnerability allows an attacker to run arbitrary code on the device, giving full control over to the attacker. Any device exploited should be considered compromised, potentially along with any devices that trusted the compromised device.


    • Related Articles

    • ScopServ Vulnerability CVE-2014-1691 January 26, 2015

      Scope: ScopServ, ScopTEL installations could be vulnerable to CVE-2014-1691. Description: Unsanitized variables are passed to the unserialize() PHP function. A remote attacker could specially-craft one of those variables allowing to load and execute ...

    • ScopTEL CVE-2026-31431 Product Bulletin, Linux Copy Fail Vulnerability.

      https://nvd.nist.gov/vuln/detail/CVE-2026-31431 Caveat This method only applies to Rocky 8 EL6 and EL7 are both End of Life and ScopSERV is not supporting either release. The official procedure is to update to Rocky 8 and update the kernel to the ...

    • ScopServ Vulnerability CVE-2014-1691 January 26, 2015 Addendum

      In addition to https://service.scopserv.com/support/scopservhq/ShowHomePage.do?articlestatus=published#Solutions/dv/542955000000703295/en If your installation cannot immediately and fully be upgraded as per the product bulletin. You may use this ...

    • CVE-2015-0235 Ghost Vulnerability

      Details: https://rhn.redhat.com/errata/RHSA-2015-0090.html Updated glibc packages that fix one security issue are now available for ScopServ Distributions built on CentOS 5. Red Hat Product Security has rated this update as having Critical security ...

    • Product Bulletin: RHSB-2022-001 Polkit Privilege Escalation - (CVE-2021-4034)

      https://access.redhat.com/security/vulnerabilities/RHSB-2022-001 RHSB-2022-001 Polkit Privilege Escalation - (CVE-2021-4034) Executive summary Red Hat is aware of a vulnerability found in pkexec that allows an authenticated user to perform a ...