SecureSafe and DSwiss not affected by log4j security vulnerability
13-12-2021 Author: DSwissDSwiss does not use log4j as a standard logging framework. Therefore, we can confirm that our services (SecureSafe, eSafe instances and backend services) are not affected by the log4j vulnerability.
DSwiss Status
When the vulnerability was first disclosed on Friday 10th of December the DSwiss security team immediately assessed the exposure level of all DSwiss services. Over the course of the weekend additional tests were conducted to validate the exposure level of DSwiss.
At this poin we can confirm that:
- None of the production services - specially the eSafe instances
- None of the back-end services supporting production services are affected by the log4j vulnerability.
DSwiss does not utilize log4j as a standard logging framework. In case of further questions, please don't hesitate to contact us at Turn on Javascript!