Blog

mediacockpit & WildFly Application
zero-day exploit

As many of you have already noticed, the zero-day exploit CVE-2021-44228 has been making its rounds in tech/infosec news since early Friday morning:

heise.de / securityboulevard.com

Many partners and customers have already approached us to ask if we are aware of the situation.

The answer is yes. We at Bertsch Innovation are aware of this issue and want to assure you that we are closely following the information security news.

Regarding our own software mediacockpit, we can assure you that mediacockpit and the wildFly Application Server on which it is based are not affected.

Twitter message from WildFly: “WildFly does not depend on the Log4j 2 org.apache.logging.log4j:log4j-core library, so we are not affected by CVE-2021-44228. If your application deployment packages log4j-core we recommend you upgrade ASAP.”

Therefore, there is no immediate need for action regarding mediacockpit. However, we would like to remind everyone that it is always a good idea to keep your systems and software up to date.

If you are using any other Java-based web application software, we recommend that you contact the vendor(s) immediately for more information about the exposure and any patches or mitigation procedures.

image_duravit

Highlighted Customer Story

Fully integrated product content management portal at Duravit

Learn how Duravit uses mediacockpit to link their product information with digital content while automating their publishing processes.

Accomplish more together

We believe in the value of collaboration and exchange. This applies both to our customer projects, from which we generate many valuable insights for our product development, and to our growing partner network, with an extensive range of which we support our customers in their digitization.

Get Started