Log4j 2 - is Apache Haus vulnerable?

jghays7 · December 13, 2021, 08:16:03 PM

Is an Apache Haus installation vulnerable to CVE-2021-44228 Log4j 2 exploitation?

For information, we use Apache Haus as reverse proxy for another web server, with no other services required.

Thanks,

Jim

mario · December 13, 2021, 10:49:15 PM

Hi!
That doesn't apply to httpd apache. Only if you run apache tomcat with log4j. We don't offer here Java based software.

mario · December 13, 2021, 11:01:15 PM

See also https://hope-this-helps.de/serendipity/archives/POWERSHELL-scan-nach-log4j-681.html

mario · December 16, 2021, 11:05:14 AM

List of Apache projects affected by log4j CVE-2021-44228

https://blogs.apache.org/security/entry/cve-2021-44228

Log4j 2 - is Apache Haus vulnerable?

jghays7

mario

mario

mario