Log4net vulnerability (CVE-2018-1285) in TEAMS-RDS 12.5.0 and 12.5.1

August 31, 2021
by Kristian Balinski
Comments are off

To all customers using TEAMS-RDS, following versions use vulnerable versions of Apache Log4net and are affected by CVE-2018-1285:

  • 12.5.0
  • 12.5.1

Vulnerability is limited to Windows versions of TEAMS-RDS only. Apache Log4net was used in a single purpose utility used when clicking on:

  • Start -> Programs -> TEAMS-RDS -> Start TEAMS-RDS Services
  • Start -> Programs -> TEAMS-RDS -> Stop TEAMS-RDS Services

We recommend that all customers update to TEAMS-RDS 12.5.5.

If upgrading to 12.5.5 is not possible, please contact support to discuss alternative remediation strategies.

About the Author
Product Manager at QSI. With roots in Software Engineering.
Privacy Policy | Trademarks | ISO9001 Certified | QSI Master Agreement | Cookie Policy
© 2024 Qualtech Systems, Inc