Portales de TCS-g4 (Sectigo)
SCM portal
(certificados servidor, código, documentos)

SAML portal
(certificados personales)

Sectigo Certificate Revocation Portal

Alta en el servicio
Acceso a los portales de DigiCert para realizar consultas y revocaciones:

CertCentral portal
(certificados servidor, código, documentos)

Vulnerability with Java Logging Library

20211213


Sectigo nos envía la siguiente comunicación relacionada con la vulnerabilidad de la Java logging library ("Log4j"):

Sectigo

Sectigo is aware of the vulnerability reported with Java logging library ("Log4j") under CVE-2021-44228. Our infrastructure and development teams have confirmed that Log4j is not used in our applications and products, and as such, there are no known threats to your existing Sectigo solutions due to Log4j. We will continue to monitor the situation and alert you of any changes if necessary.

If you have any further questions, don't hesitate to contact our support team.

Sincerely,

Sectigo

Han puesto en la entrada del SCM el siguiente aviso:

SECTIGO

Please accept the following Notification

There Are Currently No Threats to Sectigo Solutions

https://sectigo.com/resource-library/sectigo-update-on-log4j-java-logging-exploit

Over the past week, there has been a lot of news surrounding a newly discovered Remote Code Execution (RCE) exploit within the Java logging library (Log4j) under CVE-2021-44228. This exploit potentially affects over a third of web servers worldwide, since this Java logging library is so prevalent on Apache web servers and widely used in the development of Java applications.