SERVICE SUPPORT

We pride ourselves not only on our products, but also on our excellent customer support after purchase.

Spring4Shell Vulnerabilities (CVE-2022-22963) and (CVE-2022-22965)

VMware announced a vulnerability (CVE-2022-22963) in their Spring Framework on March 29, 2022. The vulnerability is within the Spring Cloud function allowing remote code execution.

A further vulnerability (CVE-2022-22965) has also been identified on March 31, 2022. This vulnerability affects the Spring Framework RCE and Spring Boot data-binding, if running Java 9 or above.

We are pleased to state that no iET®  Solutions products are affected by this vulnerability.


Apache Log4j vulnerability (CVE-2021-44228)

Apache published a critical vulnerability within the Apache log4j java library on December 6, 2021. This vulnerability allows an attacker who can control log messages or log message parameters to execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled.

A number of iET®  Solutions products are affected:

  • iET®  Enterprise versions 15.0.11 and above
  • iET®  IntegrationCenter all versions
  • iET®  CTI Connect all versions

On December 17, 2021, Apache published a new log4j vulnerability (CVE-2021-45105). This vulnerability affects the same identified products.

Resolutions are available for all versions. An iET®  Solutions technical support representative will be in touch shortly to provide detailed instructions if you are affected. Alternatively, please email us at support@iet-solutions.com.


Access our customer portal:

 

Sign in or request an account

 

US based support is available on business days from 8:30 am to 5:30 pm ET.
Outside of the US, support is available on business days from 9:00 am to 5:00 pm CET.