Flexmonster is not affected by CVE-2021-44228/Log4J
A new cyber vulnerability connected to Apache Log4J was publicly disclosed on 10 December 2021. The issue identifier is CVE-2021-44228.
Our security experts prepared a statement on how Flexmonster is affected.
Our product, Flexmonster Pivot, is not vulnerable to the Apache Log4J attack. Flexmonster is a JavaScript library without any Java libraries. In particular, Flexmonster does not use the vulnerable Java Log4J library.
Since we provide additional tools along with Flexmonster Pivot, please find their statuses below:
- Flexmonster Data Server is a .NET-based tool that doesn't use Log4J
- Flexmonster Accelerator is a .NET-based tool that doesn't use Log4J
- Flexmonster MongoDB Connector doesn't use Log4J
- Flexmonster Admin Panel doesn't use Log4J
Our team has also checked all software used for infrastructure and development. We can confirm that all the software where Log4J is used has been updated to avoid the Log4J vulnerability.
In case of any additional questions, please get in touch with our team.