For Ensemble Video self-hosted customers, your Wowza software may be affected by the Apache Log4j2 vulnerability (CVE-2021-44228).
According to the Wowza statement released on their website,
Wowza Streaming Engine 4.8.8.01 and newer uses a version of Apache Log4j2 with a security vulnerability (CVE-2021-44228)
- Customers on Wowza Streaming Engine 4.8.5.05 and below are not impacted by this vulnerability.
To find your Wowza version, enter your Wowza URL into a browser.
Example: wowza.ensemblevideo.com
You should see an output similar to this:
Wowza Streaming Engine 4 Subscription Edition 4.8.5.05 build20201006161917
Reference can be found here:
https://www.wowza.com/docs/known-issues-with-wowza-streaming-engine
If you need to install the update/patch, instructions for Windows install are on the above URL, or the shortcut is here:
https://www.wowza.com/docs/update-for-apache-log4j2-security-vulnerability#update-on-windows1