Is my system vulnerable to Log4Shell vulnerability?

java logging

Solution 1:

If you don't run any software that's using Java you're fine (at least for this exploit).

Do however keep in mind that there's a lot of things that use Java under the hood while having a native compiled application to start things and have an embedded JVM. Those are potentially affected. Examples of this are for example Jetbrains CLion and PyCharm, both are Java applications.

Of course the only such applications that are vulnerable to actual attack are those that can be accessed from the internet (or by an active intruder on your network, in which case you have a far bigger problem.

The aforementioned Jetbrains products aren't among those btw, they are just examples of things that run Java under water when the end user may not even be aware of it. Nor do they rely on Log4J2, they use another logging solution internally.

Were you running say Jira or Confluence, or other products like that, you might be vulnerable and should check with your suppliers.

Related

How can I get information about an network interface uptime?
Why does Robocopy skip a changed file if file length and file date are the same?
vim command palette, similar to sublime text
Can't upgrade from Ubuntu 18.04 to 20.04 due to block of third-party software
Can I connect two other monitors to my Dell Studio XPS?
Which Windows 7 log file contains device connection/disconnection information?
KVM image failed to start with virsh, permission denied
Why is my Eaton UPS beeping?
Remove a user's password using "net" command'
Can I set my Windows to boot without stop on password verification even when having a password set? [duplicate]
Remote Desktop Settings Missing
Why does my sytem only uses 3.2GB of my 4GM RAM?