Checkmk is not affected by Log4j (CVE-2021-44228)

Problem

Log4j is an open-source, Java-based logging utility widely used by enterprise applications and cloud services.

A remote attacker could take control of the affected system by utilizing this vulnerability.

Solution

Checkmk is aware of the vulnerability and has completed verification that this issue does not impact Checkmk itself and the Checkmk appliance.

Related articles

• Page:
  Troubleshooting CVE-Check CVE-2021-44228 Log4j is crashing on Windows
• Page:
  Checkmk is not affected by Spring4Shell (CVE-2022-22965)
• Page:
  Checkmk is not affected by Log4j (CVE-2021-44228)
• Page:
  Checkmk is not affected by Dirty Pipe Exploit (CVE-2022-0847)
• Page:
  Considerations before running the agent as an unprivileged user