Apache Log4j 2 Vulnerability – Security Announcement

On 9 December 2021, a vulnerability for the logging library Log4j was publicly released. Log4j, made by Apache Software Foundation is commonly used. This vulnerability impacts all versions of Log4j from 2.0 to 2.15.0. As we closely monitor the IT community at Noesis Solutions, we quickly became aware of this potential vulnerability with a potentially broad impact on the internet last Friday.

Since we became aware of this vulnerability, we have immediately screened our platforms to identify and neutralize any instances of this vulnerability for Noesis Solutions’ systems. Fortunately, we were able to quickly conclude that there is currently no impact on:
* Optimus versions for all the supported platforms
* the Noesis Solutions websites

      From our risk assessment it resulted that the vulnerability exists in the log4j 2.x version that is present in id8 and our team has been working hard to fix it.

      A new version of id8 containing the fixes will be available on the Noesis download center on Tuesday, 21 December 2021, for all the supported platforms and we recommend all customers to upgrade their id8 installation.

      At Noesis Solutions, we value security and make it our duty to act quickly when issues like this arise. Contact us if you would like additional information on this security issue.

      With kindest regards,
      The Noesis Solutions Team

      Download pdf
      Published on 17 December 2021