Critical vulnerability in log4j is no problem for ISGUS customers

Issue: Log4j is a popular logging library for Java applications. It is used for the high-performance aggregation of log data of an application. The blog of a service provider for IT security [LUN2021] reports on the vulnerability CVE-2021-44228 [MIT2021] in log4j in versions 2.0 to 2.14.1, which may allow attackers to execute their own program code on the target system and thus compromise the server. (Source: Website NCSC)

The security problem mentioned above in connection with the logging library Log4j of Java applications has been analysed by us and does not cause any problems for ISGUS customers.

We can inform you that the ZEUS® product family (ZEUS® 3 and ZEUS® X) is not affected by the current security gap, as ZEUS® is a modern .net application and not a Java application.

The last ISGUS product series that was developed with Java was already replaced 10 years ago.