Critical vulnerability in Apache Log4j - all clear for our customers from migRaven, tenfold, Netwrix and Thycotic
The Bundesamt für Sicherheit in der Informationstechnik (BSI) has upgraded the threat level of the Log4j (CVE-2021-44228) vulnerability that became known last week to red. The impact of this vulnerability is cited by industry experts as the largest and most critical IT vulnerability in the last decade.
This critical vulnerability may affect all Java applications accessible from the Internet that log parts of user requests with the help of Log4j. Countless software solutions appear to be affected by this security flaw. The exact extent is not yet known.
Good news for our customers
All IT security experts from our partners can give the all-clear for your software solutions.
migRaven can reassure all customers: migRaven.24 / 7 is not affected by the Apache Log4j vulnerability.
tenfold is based on the WildFly Application Server, which does not use the Log4j logging library. You can do the tenfold statement here read.
Also our partner Netwrix gives the all-clear for the Netwrix Auditor we sell. You can find the whole statement here.
Thycotic, our PAM software partner, has also given the all-clear and a Statement published.
If you still have any questions about this message, please do not hesitate to contact us at: info@aikux.com
