FabSwingers.com forum: Log4j vulnerability

By *arc and Kama OP Couple
over a year ago

Birmingham

Hello Admin

How safe are our profiles ?

Internet is full of information about log4j bug.

Has your server provider patched that vulnerability in the server application ?

By (user no longer on site)
over a year ago

The bug you speak of only affects applications written in Java. If this site doesn’t use Java you have nothing to worry about.

So the question really is does it ?

By (user no longer on site)
over a year ago

Looks like ASP.NET on the backend so nope.

By *arc and Kama OP Couple
over a year ago

Birmingham

"The bug you speak of only affects applications written in Java. If this site doesn’t use Java you have nothing to worry about.

So the question really is does it ?"

This is about RCE that allows you to take over the server, so not need to be related to the application that fab is using. But if the server is shared and there are other applications using log4j library, our site is also involved.

So the question is more to admin to find out.

I just asked it in the wrong group but since it is there… I hope that Admin read it.

By (user no longer on site)
over a year ago

Good video on the subject by Jhon Hammond

https://www.youtube.com/watch?v=7qoPDq41xhQ