[Users] Supported Zimbra Versions Not Affected By 0-day Exploit Vulnerability for log4j
Barry de Graaff
info at barrydegraaff.nl
Tue Dec 14 11:41:08 CET 2021
After intensive review and testing, Zimbra Development has determined
that the 0-day exploit vulnerability for log4j (CVE-2021-44228) does not
affect the current Supported Zimbra versions (9.0.0 & 8.8.15). The
current version of log4j used in Zimbra is 1.2.16. The vulnerability
occurs in log4j versions 2.0 and higher.
https://blog.zimbra.com/2021/12/11825/
More information about the Users
mailing list