+- Atozed Forums (https://www.atozed.com/forums)
+-- Forum: Atozed Software Products (https://www.atozed.com/forums/forum-1.html)
+--- Forum: IntraWeb (https://www.atozed.com/forums/forum-3.html)
+---- Forum: English (https://www.atozed.com/forums/forum-16.html)
+----- Forum: IntraWeb General Discussion (https://www.atozed.com/forums/forum-4.html)
+----- Thread: Log4Shell (/thread-2586.html)
Log4Shell - TonyNZ - 12-12-2021
I have just been asked by a client if the Intraweb servers (as services and using http.sys) are vulnerable to the Log4Shell / LogJam vulnerability. I said I was pretty sure they weren't ... not running on Apache, using Java or using the Apache library concerned. But I thought I should check here as well. So, any concerns?
Many thanks
RE: Log4Shell - kudzu - 12-13-2021
Those bugs are all in Java libraries. To my knowledge IntraWeb does not rely on Java in any fashion at all. IntraWeb uses Javascript, but not Java.
RE: Log4Shell - TonyNZ - 12-15-2021
Thanks kudzu. That's what I thought and had advised my clients accordingly, but thought I'd double check.