All eazyBI for Jira eazyBI for Confluence Private eazyBI

Log4j Vulnerability Statement


We are happy to report that our systems are unaffected by the CVE-2021-44228 vulnerability.

eazyBI apps use the log4j library, but we do not log the user input using this library.  Because of that, the CVE-2021-44228 vulnerability cannot be exploited in eazyBI apps. In addition, eazyBI apps include the earlier version of log4j 1.2, which is not affected by this vulnerability. So there is no actual impact on eazyBI from the CVE-2021-44228 vulnerability.

There is no immediate action necessary regarding the CVE-2021-44228 vulnerability in eazyBI apps. The library will be upgraded in the next major version of the eazyBI app.