Log4j Used by EPiServer?

volume_up

A critical vulnerability was discovered in React Server Components (Next.js). Our systems remain protected but we advise to update packages to newest version. Learn More.

Home / Forums / Developers (Main Products) Forum / CMS 7.5 - 11 /

Log4j Used by EPiServer?

Eric

Vote:

expand_less 0 expand_more

Is log4j used by EPiServer? Is Log4Net open to the same vulnerabilities?

#268324

Dec 13, 2021 14:21

Scott Reed

Vote:

expand_less 0 expand_more

Log4j is Java so isn't used in the Optimizely CMS/Commerce stack. Log4Net is used as a default in pre CMS 12/Commerce 14 instances but as it's built on the .NET framework it shouldn't have the same vulnerability, there's nothing I can see online that would suggest it would.

#268325

Dec 13, 2021 15:11

Scott Reed

Vote:

expand_less 0 expand_more

https://www.optimizely.com/zero-day-log4j-vulnerability/

#268333

Edited, Dec 13, 2021 19:14

Nickolson

Vote:

expand_less 0 expand_more

Thanks for helping with this!

#269810

Jan 11, 2022 12:15

error This topic was created over six months ago and has been resolved. If you have a similar question, please create a new topic and refer to this one.