This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Mobile EAS Proxy - log4j vulnerability

Dear Community,

i have already read the KB-000043545 - but still one question here:

Quote: "....Sophos has released a new version (9.7.2) of the Sophos Mobile EAS Proxy to address this vulnerability...."

===> So there is a new version of the EAS Proxy Standalone Edition

Quote: "...Other Sophos Mobile components.......Sophos Mobile 9.5 or higher are not using the log4j component which is affected by this vulnerability, meaning Sophos Mobile in Central and Sophos Mobile on-premise are not affected by this vulnerability......"

===> We have alreade the on-premise version 9.7.3

The Question: We use the "internal EAS proxy that is automatically installed with Sophos Mobile" => Is there still the log4j vulnerability - or was this already fixed => so just the users of the "Standalone Edition" have to update ?

Thanks for your support

Regards

Peter



This thread was automatically locked due to age.