cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Vulnerability in IQM2 product, no response from Granicus since 8/5/2021

MTUser
New Contributor

Good day,

     We have dozens of machines on our network failing compulsory compliance checks due to a critically vulnerable log4net.dll included in the Minute Traq product.  I reported the issue on August 5 and have since reached out four times via your support website and tried calling support twice, both times never reaching anyone after waiting on hold for well over an hour.  We desperately need a response and a timeline for a published fix.  The vulnerability in question is CVE-2018-1285 with a base CVSS score of 9.8/Critical.

     As a long-time, paying customer, my hope was we could expect more from Granicus on this issue.

 

Thanks in advance for any help folks on this board can provide.  I'm hoping to resolve this in short order for the sake of all Minute Traq customers.

1 REPLY 1

LisaJM
Community Manager
Community Manager

This post was escalated as a Support Ticket on 9/6/21.