You may be aware, from recent press coverage, that a new security vulnerability has been discovered in the Java logging framework Log4j. Due to widespread usage of Log4j, this is affecting applications globally. Eurobase clients that might be affected are being contacted directly and we are urgently reviewing how best to address this vulnerability. Further investigations are also underway as a precaution.
There is more information at the following sites on this vulnerability.
This is an evolving situation and the number of components and products affected across the IT industry is continuing to change. It is imperative that all clients closely monitor the situation as well and take ongoing action to scan and mitigate accordingly.
Additional third-party websites that might prove useful include:
“Guidance for preventing, detecting, and hunting for CVE-2021-44228 Log4j 2 exploitation”
“Log4j overview Scanning software”
Note: the disclaimer at the top of the page.
If you have any questions or concerns relating to Eurobase software, please do not hesitate in raising a support ticket.
As part of our situation review, we have also been investigating our partner or dependent products. If a specific risk has been identified, we have been contacting clients directly.
If you have any questions or concerns, please do not hesitate in raising a support ticket.
As a general point, although we have been checking against our software, it is strongly recommended that all clients run full scans of their systems anyway to verify any additional components that might be affected, then implement the relevant resolutions.