Response to Log4j vulnerability - CVE-2021-44228
On premise version
On Saturday, December 10, 2021 - we were made aware of the Log4j vulnerability in the apache logging framework (CVE-2021-44228) and (CVE-2021-45046)
The results of our investigation is that Table Grid Next Generation is affected by this vulnerability as it is using the Log4j library.
The vulnerability affects any release of version 1.12.11 and before.
Based on our investigations, the vulnerability can lead to Remote Code Execution on the environment hosting the JIRA on which the app has been deployed.
As it has been rated as critical, according to the scale published on the Common Vulnerability Scoring System (CVSS), make sure to upgrade to the latest versions of the application. The problem has been fixed on
Version 1.11.2
Version 1.12.12
Cloud version
The cloud version has been patched to remedy this vulnerability
If you have any questions, please feel free to raise a support request on our support portal here