Log4Shell java vulnerability, is schedulix effected ?
14 vues
Accéder directement au premier message non lu
wim.ve...@billinghouse.nl
10 déc. 2021, 06:34:3910/12/2021
à schedulix
Hi,
Since schedulix uses Java, it might use log4j. Is schedulix currently vulnerable for this attack ?
For details see https://www.lunasec.io/docs/blog/log4j-zero-day/
Regards,
Wim Veldhuis.
Wim Veldhuis.
Ronald Jeninga
10 déc. 2021, 08:28:4610/12/2021
à schedulix
Hi Wim,
Thank you very much for your inquiry!
No worries, since we do not use log4j at all, the attack that targets it won't show effect.
I appreciate it a lot if potential issues are discussed in advance.
In this case it turns out to be false alert, but it could have been otherwise.
And I'd rather look at 500 false positives than to miss a real issue.
Thank you,
Ronald
Répondre à tous
Répondre à l'auteur
Transférer
0 nouveau message