Apache Log4j Vulnerability Log4Shell (CVE-2021-44228) does not affect Loftware applications

Problem

A vulnerability in Apache Log4j components may allow attackers to remotely execute malicious code on your system and obtain control over affected servers.

Solution

You're secure. This vulnerability does not affect Loftware applications or Loftware Cloud services.

Loftware does not use Apache server or Log4j components. You don't need to take any further steps in your Loftware applications.

If you use Apache Log4j in your other business systems or applications, upgrade to the latest version immediately. Download and install the patch for Apache distribution. For other Linux distributions, check their dedicated websites.

For more information about the vulnerability, see:

• US National Vulnerability Database

• Apache website

• Trend Micro website