Loading
search-img
Title
Snow Commander - LOG4J2.XML library version used is exposed to VULNERABILITY ( CVE-2021-44228 )

Snow Commander 
  
Update: 22 Dec 2021
Due to an issue that may see some customers experiencing cloud connection problems, we suspended the release of Snow Commander 8.10.2.  We recommend that customers who did install Snow Commander 8.10.2 to upgrade to Snow Commander 8.10.3 should they experience cloud connection issues.

As stated below, we strongly recommend that customers using any version of Snow Commander and the VM Access Proxy upgrade to Snow Commander 8.10.3 and/or VM Access Proxy 3.7, which is targeted to be released by Snow Software on December 22, 2021.
//



Snow Software provided guidance regarding the Log4j vulnerability (CVE-2021-44228) on 15th December 2021 and 16th December 2021 based on recommendations from the Apache Software Foundation. This KB includes updated guidance (20 December 2021) based on a new Log4j vulnerability (CVE-2021-45105).      
 
Flaws in Log4j. a key Java-logging framework developed by the open-source Apache Software Foundation, are the most high-profile security vulnerabilities on the internet right now. The two Log4j vulnerabilities reported by cve.mitre.org are as follows:
 

  • CVE-2021-44228 comes with a severity score of 10 out of 10.  Snow Software, with many other companies across the globe, became aware of this vulnerability on Friday, December 10, 2021. In response, on 20 December 2021, Snow Software released Commander 8.10.0/8.10.1 and VM Access Proxy 3.6 (versions that included Log4j 2.16.0 that was reported by Apache Software Foundation to address CVE-2021-44228).  .
     
  • CVE-2021-45105 comes with a severity score of 7.5 out of 10. Regretfully, Snow Software became aware of this flaw after releasing Commander 8.10.0/8.10.1 and VM Access Proxy 3.6.  
 
 Affected Versions and Recommendations
 

 

 

Was this helpful?
Support Hub
Product
Snow Commander
Visibility
Guest
URL Name
SnowCommander-LOG4J2-XML-library-version-used-is-exposed-to-VULNERABILITY-CVE-2021-44228

Related Articles

Create a case with Support
0/255
Upload Attachment
File Upload
Maximum file size allowed is 3 MB.
File type not supported.
Supported file types:
Documents (.txt, .doc, .docx, .pdf), Images (.jpg, .png), Comma Separated Files (.csv) Speadsheets (.xlsx, .xls)

Are you sure you want to cancel the case creation?

Are you sure you want to close this case

Get Hotline support
Products Region Phone Numbers
FlexNet Operations
FlexNet Embedded
FlexNet Publisher
FlexNet Connect
FlexNet Code Insight
InstallAnywhere
InstallShield 		North America  * +1 630-332-2513 (toll)
+1 877-279-2853 (toll-free in North America)
Europe  * +44 1925 944367 (toll)
+44 800 047 8642 (toll-free in Europe)
Japan  * +81 3-4540-5335 (select option 2)
Australia  * +61 3 9895 2177
+61 1800 560 603 (toll-free in Australia)
Usage Intelligence (formerly Revulytics)
Compliance Intelligence 		Please use the Case Portal to submit your support ticket or reach out to your Revenera contact.
Book an Appointment
File Upload
Maximum file size allowed is 3 MB.
File type not supported.
Supported file types:
Documents (.txt, .doc, .docx, .pdf), Images (.jpg, .png), Comma Separated Files (.csv) Speadsheets (.xlsx, .xls)
+1.800.374.4353
CONTACT US REVENERA.COM FLEXERA.com
© 2026 Flexera Software. All Rights Reserved.
Privacy policy Terms and conditions Flexera Community Contact Us
Loading
Snow Commander - LOG4J2.XML library version used is exposed to VULNERABILITY ( CVE-2021-44228 )