Informasjon vedrørende Log4j.
Våre utviklere har følgende informasjon om Log4j (Engelsk):
This weekend the internet was on fire due to a vulnerability in an open source package called log4j.
With a simple crafted Http request you could take control of the whole server, and this package is widely used in Java based applications.
During the weekend we identified some potential vulnerable systems and patched them with the recommended mitigations. We are not using Java for development, but use some 3.party systems based on Java
After patching we started extra digging in activity and logs to check for potential breaches, but our systems are not impacted.