LucaNet statement on critical vulnerability in Log4j
On Saturday, December 11, 2021, the German Federal Office for Information Security (BSI) warned all companies in the Federal Republic of Germany about a security vulnerability in the widely used Java library Log4j. The cyber security warning was thereby upgraded to warning level Red by the BSI. The extremely critical threat level is a result of the fact that this logging software is used by many companies worldwide to keep digital logs.
As a software provider for Financial Performance Management solutions, protecting our customers' highly sensitive data is a top priority for the LucaNet Group. To counter the security risks, our security experts have been working intensively to install appropriate protective measures in our software. Risks are continuously monitored, thoroughly examined, and updated as necessary.
The LucaNet Group has thoroughly investigated the potential impact of the vulnerability and identified the Log4j2 libraries that need to be updated in the LucaNet software.
We have created an info page on the topic to keep you up-to-date:
More information on the critical vulnerability topic in Log4j
For more information on the topic of critical vulnerability in Log4j, click here:
English version: Log4j – Apache Log4j Security Vulnerabilities and NVD - CVE-2021-44228 (nist.gov)
As a LucaNet customer, please contact our Support department for further product-specific questions.