Is Nexthink V6 vulnerable to the recently disclosed security issue affecting Log4j?
No, following a thorough security assessment of our product and its components, Nexthink V6 customers are not impacted by this vulnerability.
Please note that our client-side applications such as Collector and Finder are not written in Java and therefore not impacted by this vulnerability.
A remote code execution vulnerability was publicly disclosed on December 9, 2021. Log4j open-source library is one of the most popular Java logging frameworks. The vulnerability affects all Java applications that use Log4j with versions from 2.0 up to 2.14.1.
Please find additional information about the CVE:
The use of the software is subject to the terms and conditions of its applicable license
agreement and then effective documentation. This information is provided “as-is” without
a warranty of any kind.