In a nutshell: No! We use a .NET based logging solution across all products, accordingly we are not affected by this vulnerability.
The publication of the Log4Shell vulnerability (also known as Log4j Vulnerability ) under CVE 2021-4428, has also prompted us to check our products for possible vulnerabilities. Log4Shell uses free text fields in web interfaces to cause reloading and injections of potential malware with manipulated input, which is why the German Federal Office for Information Security (BSI) has also announced a red alert level for this vulnerability.
In general, you can find more information on the BSI website:
Comments
0 comments
Article is closed for comments.