@Henri.GARDON

The PUB service doesn't have the Vendor element entry so it is possible that it is not a service from ATS.

However, to confirm it, you need to contact your market data team to verify the source of this service.

Hi @Henri.GARDON,

Can you please elaborate what you mean by "ATS like service". Log4J is a product specifically used in the ATS. If your RTDS service was configured using ADS etc, and not ATS specifically, then your infrastructure is not impacted by this vulnerability.

Basically, when we connect to our TREP infra, we have two services (via adhmon/adsmon):

IDN_RDF to retrieve real market data.
PUB : ATS like service where we can publish our our data in some way with a command line like : ./rmdstestclient -S PUB -f post.txt -ir 1 -I 1 with post.txt containing RICs.

I guess that we are not impacted, right ?

There can be a number of ways in which a publishing service can be setup in infrastructure. To be completely sure, please talk to your market data administrator and verify that you don't have ATS setup - to be sure.

Hello @Henri.GARDON

According to the given PDF document, the product is the Refinitiv Real-Time Advanced Transformation Server (ATS), but your product in the capture screen is the Refinitiv Real-Time Advanced Distribution Hub (ADH) which is a totally different product.

I highly recommend you contact the ADH support team directly to verify if it is impacted by the Log4j vulnerabilities. You can contact the team via https://my.refinitiv.com/content/mytr/en/productsupport.html website.

Update:

If the PUB server is ATS, you can contact the ATS support team to verify if it is impacted by the Log4j vulnerabilities.

@Henri.GARDON

You may run rmdstestclient to check the source directory message of the PUB service.

The command looks like this:

rmdsTestClient.exe -h <hostname> -p 14002 -S PUB -ct rssl -f rics.txt -X -d 3 -l stdout

If the Vendor element entry of the PUB service is DTS or ATS, the source of the PUB service could be an ATS server.

Hi, thank you a lot for the info !

@Jirapongse with the command that you provide I have the answer attached rmdstestclient.txt and the following keywords :

<refreshMsg domainType="RSSL_DMT_SOURCE" streamId="2" containerType="RSSL_DT_MAP" flags="0x168 (RSSL_RFMF_HAS_MSG_KE Y|RSSL_RFMF_SOLICITED|RSSL_RFMF_REFRESH_COMPLETE|RSSL_RFMF_CLEAR_CACHE)" groupId="0" dataState="RSSL_DATA_OK" stream State="RSSL_STREAM_OPEN" code="RSSL_SC_NONE" text="" dataSize="539">

Then :

<elementEntry name="Name" dataType="RSSL_DT_ASCII_STRING" data="PUB"/>

And finally :

<elementEntry name="Vendor" dataType="RSSL_DT_ASCII_STRING" data="Thomson Reuters"/>

So I guess this is not a real ATS ? Do you confirm ?

Thanks,

Confirmed with our Refinitiv contact that we are not impacted,

Thank you for the help !