Möbius and the Apache Log4j2 Vulnerability
Introduction: This page provides the latest updates on the potential impact of the open-source Apache “Log4j2” vulnerability on DigitalEd products and services based on the findings of our ongoing investigation.
We are actively following the vulnerabilities in the Apache “Log4j2" utility (CVE-2021-44228 and CVE-2021-45046).
Background: The Apache Log4j2 utility is a commonly used open source library for application logging. On December 9, 2021, a vulnerability was reported that could allow a system running Apache Log4j2 version 2.15 or below to be compromised and allow an attacker to execute arbitrary code.