Are Utoolity apps affected by CVE-2021-44228 (Log4j)?
- Henrik Opel [Utoolity]
- Steffen Opel [Utoolity]
Analytics
This page provides information related to the recently published remote code execution (RCE) vulnerability affecting Log4j:
Atlassian host products
Refer to https://confluence.atlassian.com/kb/faq-for-cve-2021-44228-1103069406.html for details.
Utoolity apps for Atlassian Data Center / Utoolity apps for Atlassian Server
Not affected beyond the Atlassian host product
All Utoolity Data Center and Server apps use the SLF4J facade as provided by the respective Atlassian host product via OSGi and do not introduce Log4j on their own. They would thus only be indirectly affected if the Atlassian host product uses a vulnerable version of Log4j – this does not seem to be the case by default, refer to https://confluence.atlassian.com/kb/faq-for-cve-2021-44228-1103069406.html for details.
Utoolity apps for Atlassian Cloud
Not affected
All Utoolity Cloud apps do not use Log4j and are thus not affected.
Related content
Amazon Web Services™, AWS™ and the “Powered by Amazon Web Services” logo are trademarks of Amazon.com, Inc. or its affiliates in the United States and/or other countries.
Utoolity® is a registered trademark of Utoolity GmbH.
© 2024 Utoolity GmbH. All rights reserved.