Apache Log4j Security Vulnerabilities
(CVE-2021-44228, CVE-2021-45046, CVE-2021-45105)

Release Date: Dec 27, 2021

Apache Software Foundation published security information about Apache Log4j Security Vulnerabilities (CVE-2021-44228, CVE-2021-45046, CVE-2021-45105).
We will show the information below.
Please be advised that the information will be changed or added without notice.

Vulnerability summary

Details are explained in the site below.
Apache Log4j Security Vulnerabilities

Content of countermeasure

We are aware of Apache Log4j vulnerabilities (CVE-2021-44228, CVE-2021-45046, CVE-2021-45105) and are evaluating exposure of products and services which we sell or provide.

In the interim, we confirmed that the following products are not affected.
・Panasonic applications which are preinstalled in Panasonic PCs

We applied the countermeasure (library update) to the following service.
・Recovery Image Download Service(*)
(Malicious access to the service is not detected)