Is SafeCom affected by the Apache Log4J vulnerability?

None of the SafeCom components are affected by this vulnerability.

Following SafeCom components use the Log4j library:
- SafeCom Device Server (Log4j v1.2.16)
- SafeCom Device Web Server / HP Unified Client (Log4j v1.2.16)
- SafeCom Mobile Print (Log4j v1.2.17)

Since CVE-2021-44228 is about versions between 2.0 and 2.14.1 (inclusive), and all our components use version 1.2.x they are not affected by this vulnerability.
No component update or further mitigation/config change is required

 

Link to original article