Ensemble Software / Wowza Software and the CVE-2021-44228 vulnerability


For Ensemble Video self-hosted customers, your Wowza software may be affected by the Apache Log4j2 vulnerability (CVE-2021-44228).

According to the Wowza statement released on their website,
Wowza Streaming Engine and newer uses a version of Apache Log4j2 with a security vulnerability (CVE-2021-44228)

  • Customers on Wowza Streaming Engine and below are not impacted by this vulnerability.

           To find your Wowza version, enter your Wowza URL into a browser.

                         Example:     wowza.ensemblevideo.com

                  You should see an output similar to this:  

                         Wowza Streaming Engine 4 Subscription Edition build20201006161917

Reference can be found here:

If you need to install the update/patch, instructions for Windows install are on the above URL, or the shortcut is here:


2 out of 2 found this helpful