Statement regarding Log4j vulnerability (CVE-2021-44228)
 

On 10th December 2021 NIST published alert CVE-2021-44228 regarding a vulnerability in the Log4j software from the Apache Software Foundation.

We can confirm that the Log4j versions used in Ascert's VersaTest products are not those listed as having the above vulnerability. Additionally, we have conducted our own tests and can confirm that no breach was possible using the described attack method.

If you have any questions please contact Ascert Support.