Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Suspected Log4j vulnerability traffic
#1
Yesterday we got Suspected Log4j vulnerability traffic in one of our intraweb application.

We are using this Log4j in the intraweb 15.2.27? If yes kindly advise the version?
Reply
#2
Gute Frage. Ich möchte auch gern wissen
Reply
#3
Log4j is a JAVA library. To my knowledge IntraWeb does not rely on Java in any fashion at all. IntraWeb uses Javascript, but not Java.

"suspected" are AV tools ways of saying "we dont know, we are just guessing"

Unless you have added Log4J usage yourself, there should be no usage of it that I can see.
Reply
#4
(12-14-2021, 06:29 PM)kudzu Wrote: Log4j is a JAVA library. To my knowledge IntraWeb does not rely on Java in any fashion at all. IntraWeb uses Javascript, but not Java.

"suspected" are AV tools ways of saying "we dont know, we are just guessing"

Unless you have added Log4J usage yourself, there should be no usage of it that I can see.

Thank you. I think also
Reply
#5
(12-14-2021, 01:21 AM)pgnair Wrote: Yesterday we got Suspected Log4j vulnerability traffic in one of our intraweb application.

We are using this Log4j in the intraweb 15.2.27? If yes kindly advise the version?

HI Pramod,

I'd love to know who pointed out about this suspected activity 

Sometimes I think auditors just make up some stuff to look they are doing their job :-)
Reply
#6
BTW, IntraWeb does not use a single library, code or binary made in Java.

There is ZERO chance to use anything even remotely related to Log4J
Reply
#7
This. Smile


Attached Files Thumbnail(s)
   
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)