Welcome to the Panopto Community

Please note: All new registrants to the Panopto Community Forum must be approved by a forum moderator or admin. As such, if you navigate to a feature that is members-only, you may receive an error page if your registration has not yet been approved. We apologize for any inconvenience and are approving new members as quickly as possible.

Does Panopto use/vulnerable to the Log4J vulnerability?

Hi,

Does anybody (perhaps at Panopto) know whever any of the Panopto products contain the Log4J vulnerability? If so, will a software update be issued soon?

Many thanks,

Paul

Answers

  • Hi @Paul Vincent - They sent out a notification yesterday:

    Incident Update

    Panopto Cloud Operations Status

    Current Status: Operational

    Affected Infrastructure

    Components: Search

    Locations: North America (NA), Europe (EU), Asia-Pacific (AP), Canada (CA), Australia (AU)

    Update:Panopto Cloud is safe with regard to the log4j security vulnerability. We have determined that Panopto’s servers and services are not vulnerable to this security issue. In an abundance of caution, we have patched backend systems that included the vulnerable version of log4j, even though the network security policies and the version of the Java runtime protected us from this vulnerability.

    For more information, please see this support article: https://support.panopto.com/s/article/Panopto-Statement-on-the-Log4j2-Zero-Day-Vulnerability . Should the need arise for further updates, we will do so in the article.

  • Hi Paul,

    We've issued a statement on the Log4J vulnerability here: Panopto Statement on the Log4j2 Zero-Day Vulnerability.

    If you have any additional questions, please feel free to let me know.

    Best wishes,

    Cait

  • Many thanks Cait; I did search for info before posting but couldn't locate it - many thanks for the link!


    All the best,

    Paul

Sign In or Register to comment.