Tesorion products not vulnerable to Log4j
Apache Log4j (CVE-2021-44228, CVE-2021-4104, CVE-2021-45046) contains a serious vulnerability. That vulnerability has now been assigned the name ‘Log4Shell’. The risk classification, also referred to as the CVSS score, is unchanged: 10. This is the highest possible classification within the scale.
T-Update
Apache Log4j (CVE-2021-44228, CVE-2021-4104, CVE-2021-45046) contains a serious vulnerability. That vulnerability has now been assigned the name ‘Log4Shell’. The risk classification, also referred to as the CVSS score, is unchanged: 10. This is the highest possible classification within the scale.
The challenge we are facing is that Java is just like sugar. It is in everything. Java, in combination with Log4j, is often used as a basis, or as a building block. All kinds of different applications from a variety of vendors may now be vulnerable. Tesorion’s live blog contains up-to-date information on the developments concerning this vulnerability.
Tesorion products and services
The Apache Log4j vulnerability has no impact on the following products and solutions. All services that used Log4j were identified by Tesorion. We have taken appropriate measures in time to eliminate any threat to them.
Background
Risk
Advice
Sources
Sign up to receive T-Updates
Receive the latest vulnerabilities in your email every Wednesday
More than 1,000 organisations have already joined us.
