Welcome to Voyager Help

Use the Search field below or select a Category from the list at the left

News and Announcements

Voyager Search Statement on Apache Log4J Vulnerability

Thursday, December 16, 2021 3:30pm (EST)

Voyager Search is actively monitoring Log4J vulnerabilities across all products and services.

Background

On December 9, 2021, security researchers published a report of a high risk "zero day" vulnerability (CVE-2021-44228) affecting a common software package (Apache Log4J) that can allow remote code execution. Our security and engineering team immediately investigated the vulnerability and our software products for potential impact. 

Status of Current Product Release

Customers with the most up-to-date releases of Voyager Search software (Voyager Server 2.8.0 and Voyager HQ 1.8.0) are protected against the Log4J vulnerability through our inclusion of the latest embedded Java runtime which protects against this form of remote code execution. For customers running our latest release, you are protected from this vulnerability. 

Older Versions of Software (earlier than Voyager Server 2.8.0 and Voyager HQ 1.8.0)

Customers running older versions of Voyager Search software have two options; one, to upgrade to the latest release that is published on our website through the Customer Portal; or two, we have developed a service patch release (Voyager Server 2.8.1 and Voyager HQ 1.8.1) that includes the latest version of Apache Log4J that addresses this "zero day" vulnerability. This change will offer two levels of protection through the use of the latest Java embedded runtime and by including the latest Log4J patch. 

We are currently making the service patch available through our support team until the installers can be signed with the necessary certificates. To learn more about the patch release, please reach out to our Support Team at support@voyagersearch.com.

Additional Information

We will continue to provide updates about the Log4J vulnerability as warranted. Protecting customer systems is our top priority. For any specific concerns, please reach out to support@voyagersearch.com.

Web Design and Web Development by Buildable