Angus Systems is aware of the Log4j vulnerability, reported December 9, 2021. As part of our ongoing security best practices, we perform a thorough investigation immediately following identification of any serious security vulnerability.
We have completed a review of our application and concluded that we do not utilize the affected component. We can confirm our application is unaffected by this vulnerability.
About the Apache Log4 Vulnerability
For context, the newly discovered zero-day vulnerability was identified in the widely used Java logging library Apache Log4j. This vulnerability (CVE-2021-44228) has been classified as severe and can allow unauthenticated remote code execution as a user running systems and applications utilizing the logging library. Successful exploitation of this vulnerability could allow an attacker to install programs and view, change or delete data for applications that use the Java logging library.
Questions?
If you have any questions or concerns, please do not hesitate to contact our Support Team specialists at support@angus-systems.com or by phone at 1.888.274.1696.