Olympus Response to Apache Log4j Vulnerability (CVE-2021-44228)

Original Release Date: February 15, 2022

On December 9, 2021, a vulnerability in Apache Log4j has been published. The impact of the vulnerability, also known as Log4Shell, on our products is disclosed below.

Vulnerability Description

Apache Log4j, a Java-based open source logging library, contains a remote code execution (RCE) vulnerability (CVE-2021-44228).

Exploitation of this vulnerability allows remote execution of arbitrary code by logging a certain string.

Affected Products

At this time, no products developed or manufactured by Olympus have been found to be affected by the known LOG4J vulnerability.

This page will be updated as new information related to the log4shell vulnerability becomes available.

References

• NVD - CVE-2021-44228
• Apache Log4j Security Vulnerabilities

Revision History

February 15, 2022: This page is published.