Are any of your products impacted by the recently discovered log4j vulnerability
Ghath
Posts: 1 New member
in SQL Backup
Best Answer
-
Ben_P Posts: 236 Silver 2Hi @Ghath
Thank you for your inquiry regarding Redgate products impacted by the recent CVE-2021-44228 ‘Log4Shell’ vulnerability.
Thankfully our external Redgate products are not impacted by this vulnerability as they are built upon .NET and are not susceptible. Our Flyway product does utilize Java and our development teams have ensured that it doesn’t ship using log4j / log4shell.
A small number of our internal systems which had used the vulnerable version were thoroughly checked for any evidence of exploitation before being patched and updated.
Redgate takes the security and privacy of its clients seriously so if you have further questions we will happily follow them through with our security team.