Apache Log4j Vulnerability

  • Quote from Sophos:


    Quote
    On December 9, a severe remote code vulnerability was revealed in Apache’s Log4J , a very common logging system used by developers of web and server applications based on Java and other programming languages. The vulnerability affects a broad range of services and applications on servers, making it extremely dangerous—and the latest updates for those server applications urgent.
    Sophos has completed an investigation to determine whether Sophos products are impacted. Please review the Security Advisory for status of your products.

    Is this effecting the current i-MSCP version as well?

    stay hungry, stay foolish!

  • Good evening,


    I can confirm that i-MSCP isn't affected in any way by the Log4J CVE.


    https://cve.mitre.org/cgi-bin/…e.cgi?name=CVE-2021-44228

    badge.php?id=1239063037&bid=2518&key=1747635596&format=png&z=547451206