Important information concerning Virtalis Reach and CVE-2021-44228 Log4j
You are receiving this email because you currently subscribe to or are evaluating Virtalis Reach.
A critical security vulnerability CVE-2021-44228 Log4j has been identified in a common, third-party software component which is used by Virtalis Reach. This security vulnerabilty may, in some circumstances, enable a remote attacker to execute arbitrary code within the containers on your Virtalis Reach server.
The scope of any unauthorized activity will be limited by the Kubernetes network policy for Virtalis Reach and the strict access controls which are not affected. Nevertheless Virtalis consider this vulnerability to be critical and in need of urgent attention.
You should should install or upgrade your installation to 2021.5.
If you are installing Virtalis Reach for the first time at version 2021.5, then you should follow the steps in the setup and configuration guide only.
If you have deployed the monitoring stack then you should upgrade it by following the "Set up the deployment shell" and "Installing Elasticsearch, Kibana, Filebeat" sections in the "Deploying The Monitoring Service Stack" guide.