Log4Shell vulnerability leads to extremely critical threat level
Attack possibility via log4j
Thursday, 12/16/2021: Currently, a critical vulnerability (Log4Shell) exists in the widely used Java library log4j. According to authorities, including the US Department of Homeland Security (DHS) and the German Federal Office for Information Security (BSI), this leads to an extremely critical threat level.
In this context, the following applies to MARIProject and SAP Business One:
- The MARIProject Web Client, Mobile Client, WebService, RESTService do NOT use any JAVA components and therefore also not the library log4j. This means you can continue to use the above components of MARINGO.
MARINGO AWS Cloud
- In the cloud operated by MARINGO Computers, only the MARIProject components can be accessed from outside and are therefore not affected, according to our assessment.
SAP Business One
- A recommended action is available for SAP Business One and SAP B1i / Servicelayer, among others.
- For further questions, SAP customers are asked to contact their SAP Business One Partner.
- The MARINGO support is happy to help MARINGO customers:By phone (Support) +49 (221) 220.127.116.11
By email (Support) firstname.lastname@example.org
We will update this information on an ongoing basis.