News

-

Information on the new Apache Log4j RCE vulnerability

Since an advisory and exploit code have been recently released for a remote-code-execution vulnerability in Log4j, an open-source logging library, we would like to inform you about the relevance for your ELEMENTS system.

A successful attack can only take place if malicious user-generated data is being logged, unsanitized, through Log4j. Some of the ELEMENTS‘ software dependencies, Solr and Elasticsearch, do use Log4j, but with our logging configuration, no user-generated data is being logged by these apps at any time, meaning that the exploit does not apply to any of our products.

However, we will still include a patched version of Log4j as soon as possible in the next update.

There is no action to be taken at this time. We will continue to closely monitor the situation and inform you as soon as the patched version of Log4j is available. If you have any further questions, please feel free to reach out to us anytime! You can contact our support team by email service@elements.tv or by phone +49 211 749 535-0.

< Back to overview

Glossar

COBIT

COBIT ist ein international anerkanntes Rahmenwerk für das Management und die Governance von Informationstechnologie. Es bietet ein umfassendes Regelwerk von Prinzipien, Praktiken und analytischen Instrumenten und Modellen zur Steuerung der unternehmensweiten IT.