ScriptUO

General => Site News => Topic started by: Tidus on December 15, 2021, 08:37:41 PM

Title: log4j and ScriptUO
Post by: Tidus on December 15, 2021, 08:37:41 PM
Just wanted everyone to know that I have been checking into whether we would have a log4j issue with our current setup. The easy answer is: NO.  For our server management we use Plesk.

Situation
CVE-2021-44228 is a vulnerability in Apache Log4j which is a Java library. So, this vulnerability may affect Java-based applications only.

Impact
Plesk does not use Java internally, so Plesk is not affected by this vulnerability. Since Tomcat support in Plesk was dropped in Plesk 17.8, Plesk does not support users' Java-based applications.