JAVA Security gap Log4j
A zero-day vulnerability in the widely used Java library “Log4j” became known at the end of last week. The vulnerability is classified as critical because the library is built into very many Java applications. In addition, the vulnerability allows an attacker to remotely execute arbitrary code (“Remote Code Execution” – RCE). The vulnerability is already being actively exploited by cybercriminals to infect vulnerable systems with malware.
Source admin.ch, further information: Critical vulnerability in Java library«Log4j» (admin.ch)
Our specialists have checked our applications for vulnerability due to this weakness.
Our software solutions are not affected by the “Log4j” vulnerability.
| Product | Producer |
|---|---|
| Branchenlösung Engineering & Project management | Logico Solutions AG |
| Branchenlösung Serviceoriented companies | Logico Solutions AG |
| Branchenlösung Flexible project / order production | Logico Solutions AG |
| ecoDMS | applord Holding Europe GmbH |
| MobileNAV | MultiSoft Kft |
| TimeSafe | Infotech AG |
| SwissSalary 365 | SwissSalary Ltd. |
| SwissSalary Direct | SwissSalary Ltd. |
| SwissSalary Easyrapport | SwissSalary Ltd. |
| SwissSalary Insights | SwissSalary Ltd. |
The cloud solutions operated by 1ClickFactory are also not affected by the security vulnerability.
