The message relay feature (v.18.104.22.168) in Sophos for servers uses the Apache server v2.4.46. Does anyone knows if this features is affected by the Log4j vulnerability?
According with the article KB-000038269 (support.sophos.com/.../KB-000038269 from Oct 2021 this version was not affected by the vulnerabilites found at that date, but the log4j was discoverd in Dec 2021. Was this article updated?
Thank you for the help.
The current disclosure article available here lists "Intercept X for Server" which includes the MR/UC feature. The vulnerability will not affect the Message Relay and Update Cache.
Thank you for reaching out to the Sophos Community Forum.
When looking into the article you've linked, I do not see log4j referenced as one of the components utilized by Message Relay. When running checks against the server using our XDR Queries I am not seeing anything returned either. I don't believe Message Relay is susceptible to this vulnerability, however, I will follow up with our product teams to get confirmation and update this thread.
Happy Holidays from the Sophos Community Team
Sophos Endpoint protection (Windows/Mac/Linux)
Sophos Endpoint protection (Intercept X Endpoint, Intercept X for Server) does not use Log4j.