What is the Log4j vulnerability?

A zero-day vulnerability involving remote code execution in Log4j 2 was reported on December 9, 2021.  Tracked as CVE-2021-44228, the vulnerability is classed as severe and allows unauthenticated remote code execution as the user running the application utilizes the Java logging library.  Systems and services that use the Java logging library, Apache Log4j between versions 2.0 and 2.14.1 are all affected, including many services and applications written in Java.


Were Fasoo products affected by the Log4j vulnerability?

No.  Fasoo data security products, including the Fasoo Enterprise DRM suite, Fasoo Data Radar, were not affected by the vulnerability and did not include the Log4j Java library versions that contained the vulnerability.


Were Fasoo websites affected by the Log4j vulnerability?

No.  Fasoo websites were not affected by the vulnerability.