News and dates Statement on the security gap in Log4j
Statement on the security gap in Log4j
General information on what is probably the biggest security gap in 2021 can be found on the HP of the Federal Office for Information Security (BSI) at: https://bsi.bund.de/dok/log4j Currently, the BSI provides a working paper on detection and response, which is constantly updated.
As an ISO 27001 certified company, we adhere to the recommendations of the BSI and already checked our systems and applications shortly after the security vulnerability became known last weekend. After an in-depth analysis and examination of our systems as well as the components and tools used, we can state that no LOGSOL software product is affected by the log4j vulnerability CVE-2021-44228. On the one hand, our own applications are not based on Java and do not use the affected library. Furthermore, we do not use any software on our customer servers or in DevOps that has the vulnerability or is affected by it.