Posted on
December 17, 2021
log4shell - process.science NOT affected
We are pleased to reassure you that none of the software we use and none of our products in any version is vulnerable to "log4shell" for the simple fact that none of it is based on Java.
We immediately and thoroughly checked all of our backend and customer-facing software, all of our products and the inventory of all libraries included.
The recently discovered vulnerability (CVE-2021-44228) named "log4shell" in the widely used software component "log4j" enables unauthorized remote access to vulnerable applications based on the Java-Ecosystem. It is hard to overestimate the severity of this vulnerability and how wide spread it is.