VertiGIS uses this page to provide centralized information about the critical vulnerability CVE-2021-44228, known as Log4Shell, disclosed on December 9, 2021, and its impact on VertiGIS product families as well as partner products.
This article will be updated as new information becomes available.
Product families not affected:
- GEBman / ProOffice: not affected because .NET application
- GeoOffice: not affected, because .NET application
- GEONIS Desktop: not affected because .NET application
- M4 Solutions / Pinpoint811: not affected because .NET application
- ConnectMaster: not affected because .NET application
- VertiGIS eGuide: not affected because .NET application
Affected product families:
- 3A: see german article
- UT: see article
- WebOffice: see article
- GEONIS Server: yes, but only by Esri base technology as well as WebOffice
- GEONIS Datashop: yes, but only by Esri base technology
- Geocortex: yes, but only by Esri base technology - see article
- Partner products
Esri has created Log4Shell mitigation scripts that are strongly recommended to be applied to all installations of ArcGIS Enterprise and ArcGIS Server of any version of the software.
Please follow this article or the article per product family to be informed about the current state of knowledge.