Posts: 16
Threads: 6
Joined: Jun 2018
Reputation:
1
Location: New Zealand
I have just been asked by a client if the Intraweb servers (as services and using http.sys) are vulnerable to the Log4Shell / LogJam vulnerability. I said I was pretty sure they weren't ... not running on Apache, using Java or using the Apache library concerned. But I thought I should check here as well. So, any concerns?
Many thanks
Posts: 1,136
Threads: 37
Joined: Mar 2018
Reputation:
30
Location: Limassol, Cyprus
Those bugs are all in Java libraries. To my knowledge IntraWeb does not rely on Java in any fashion at all. IntraWeb uses Javascript, but not Java.
Posts: 16
Threads: 6
Joined: Jun 2018
Reputation:
1
Location: New Zealand
Thanks kudzu. That's what I thought and had advised my clients accordingly, but thought I'd double check.