DLP not vulnerable to zero-day vulnerability CVE-2021-44228

Data Loss Prevention

1 more products

19794

10 December 2021

10 December 2021

A severe zero-day vulnerability has been reported that affects the widely used Java logging library Apache Log4j2. The vulnerability is tracked at https://nvd.nist.gov/vuln/detail/CVE-2021-44228.
 
Symantec has investigated this vulnerability and its potential impact to Data Loss Prevention. Based on these investigations, Symantec has established that DLP is not affected by this vulnerability. 
 
CVE-2021-44228 affects log4j-core-2.x.jar, which is not included or consumed by any version of DLP.