Token2 is aware of the RCE vulnerability in the Apache Log4j , classified by the Apache security team as a critical severity issue (CVE-2021-44228).
This issue can lead to remote code execution or information disclosure on the system running software containing the log4j component where a malicious actor can control any string that is logged.
Our initial investigations show that none of our software products, including TOTPRadius appliance, its patches, and standalone components have dependencies on the Apache Log4j component.
Therefore, we hereby confirm that our software products are not affected by CVE-2021-44228.
Subscribe to our mailing list
Want to keep up-to-date with the latest Token2 news, projects and events? Join our mailing list!