IMPORTANT NOTICE: Telenium not affected by CVE-2021-44228 – Log4j Vulnerability
December 14, 2021
MegaSys has reviewed our systems for the CVE-2021-44228 Log4j vulnerability and has confirmed that none of our software uses this Java library and therefore does not expose this vulnerability. While not used, this library is delivered with our Version 8 products and should be removed to ensure that it is not inadvertently activated. For our Version 8 customers, please remove the files from all Telenium servers using root level credentials and the following command:
rm -f /opt/telenium/www/html/TeleniumReporting/TeleniumReporter_lib/log4j-*.jar
This will not impact the operation of the Telenium system as our reporting package does not use these libraries. They were included as part of the distribution for the Jasper reporting package. We will continue to monitor the situation and provide updates to our valued customers and partners if the status changes for our systems.