Checkmk is not affected by Log4j (CVE-2021-44228)
- Walter Fisch
- Matthew Hierholzer
- Anastasios Thomaidis
- Former user (Deleted)
Owned by Walter Fisch
A newly revealed vulnerability impacting Apache Log4j 2 versions 2.0 to 2.14.1 was disclosed on GitHub on 9 December 2021 and registered as CVE-2021-44228 with the highest severity rating.
LAST VERIFIED ON CHECKMK 2.3.0P15
Table of Contents
Problem
Log4j is an open-source, Java-based logging utility widely used by enterprise applications and cloud services.
A remote attacker could take control of the affected system by utilizing this vulnerability.
Solution
Checkmk is aware of the vulnerability and has completed verification that this issue does not impact Checkmk itself and the Checkmk appliance.
Related articles