Currently, iSYSTEM is not aware of any impact, outside of the initial disclosure involving Log4j vulnerability (CVE-2021-44228) to the security of our enterprise services and has not experienced any degradation in availability of those services as a result of this vulnerability.
winIDEA and testIDEA do not use log4j.
The Eclipse debug plugin distribution includes a non-compromised version of log4j library.
The Eclipse IDE as a whole does use the log4j library, but is used as a desktop application, not as a server, so we do not see any threat in it. To be certain, contact your Eclipse distribution authors to provide an updated version.
Sorry this article didn't answer your question, we'd love to hear how we can improve it.
Note: This form won't submit a case. We'll just use it to make this article better.
{{ topic.Content }}