Quick Help

Knowledgebase is a categorized collection of answers to frequently asked questions (FAQ) and articles. You can read articles in this category or select a subcategory that you are interested in.



 Log4j vulnerability (CVE-2021-4428)

Question

"Log4Shell, also known as CVE-2021-4428, is a high-severity vulnerability that affects the core function of Apache Log4j. The vulnerability enables an attacker to perform remote code execution. This vulnerability allows them to: Access the entire network through the affected device or application."

We use your software in some of our systems, and due to recent discoveries related to Log4j, we need to investigate if it is included in any of our products.


• Is the Java-component log4j part of any of your software or used libraries? If so, what version is used?
• Does your software include an Apache webserver? If so, what version is used?
• Is the Java-component log4j part of any development or test environment for your software? If so, what version is used?
• Does your development or test environments for your software include an Apache webserver? If so, what version is used?

Answer

The answer is "No" to all questions. Our software and development systems do not use Apache Log4j at all.

 
Was this article helpful? yes / no

Article details

Article ID: 97

Category: General

Date added: 2022-02-09 03:55:58

Views : 29

Rating (Votes): Article not rated yet (0)