MobiControl 15.2.3 has log4cxx files in Program Files\SOTI\MobiControl folder.  I know less than nothing about this but I saw your question while researching the same issue

Hello,

i also checked our Soti Mobicontrol instance(15.4.0.4737) for log4* files and finde a log4j-core in the search folder.

c:\Program Files\SOTI\MobiControl\Search\lib\log4j-core-2.11.1.jar contains Log4J-2.x   >= 2.10.0 _VULNERABLE_ :-(

Any official statements from SOTI?

Yes, it needs to be patched

Hello,

as a first mitigation I added on my MobiControl Servers (all 15.4.1) following additional line in "C:\Program Files\SOTI\MobiControl\Search\config\jvm.options"

-Dlog4j2.formatMsgNoLookups=true

and then restartet the MobiControl Search Service. Searching is still working, i dont know if there are any other negative sideeffects, so this is complete unsupported and do on your own risk.

Martin

Again...These are all good things to know but could an SOTI "official representative" made an "official" statment regarding the current vulnerability with Log4j and to point out "official" solutions especially for "on-prem" environments?

Hi,

on my on Premise Test Server (15.3.3)  i have replaced the Files in the Folder:

C:\Program Files\SOTI\MobiControl\Search\lib

Stopped the Service

Deleted the Files:

• log4j-1.2-api-2.11.1
• log4j-api-2.11.1
• log4j-core-2.11.1

Copied the new fixed once into the folder:

• log4j-1.2-api-2.15.0
• log4j-api-2.15.0
• log4j-core-2.15.0

Started the Service and in the Logfile was no Error message and in the Webinterface i can see no errors or problems.

After a reboot i had checked the logs and found no Error message in the Search Files or in the Webinterface.

VM Snapshot was done to be safe ;)

Could be that a workaround ?

SOTI just posted a statement.

"The SOTI ONE Platform makes indirect use of this library, and to date, our investigations have determined no exploitable path to the vulnerability within the SOTI ONE Platform."

https://discussions.soti.net/articles/log4j-vulnerability-log4shell-important-information-you-should-know

Do we have an offical and supported way to patch it from SOTI?

Hello Patrick,

Thank you for posting on SOTI Central.

The SOTI Security and Compliance team has been actively engaged on the Log4j issue since it was revealed on Friday, December 10, 2021. 

Please follow below link to know more:-

https://discussions.soti.net/articles/log4j-vulnerability-log4shell-important-information-you-should-know

Any new update on the issue will be posted on SOTI Central. Hence, keep following the same.

For inquiries, please contact support@soti.net. 

Thank you!!

Kind regards,
Technical Support | SOTI Inc. | 1.905.624.9828 | support@soti.net | www.soti.net |