News

Customer information on the critical vulnerability "Log4j" / OAS software solutions not affected

According to the Federal Office for Information Security (BSI), the critical vulnerability (Log4Shell) in the widely used Java library "Log4j" currently leads to an extremely critical threat situation for affected IT systems. Hackers can exploit this vulnerability to infiltrate and execute malicious code in your system. In this context, the BSI has published a cyber security warning with a red alert level.

As we are currently receiving many enquiries about this, we would like to inform you that OAS software solutions are not affected by this security vulnerability as far as we know at present. This assessment includes our software products emaxx, logis, pronto, wcon-Desktop as well as our applications for scale communication.

For the application Modawi of the provider consist ITU for the processing of electronic waste records, we have received information that version 5 is affected by the vulnerability. The manufacturer has already made patches available. Affected customers have already been informed by us and the implementation of the patches is underway.

For the DOCUMENTS application from the vendor otris, we have received information that versions 5.0f - 2205 and higher are affected by the vulnerability. The manufacturer has already made patches available. Affected customers have already been informed by us and the implementation of the patches is underway.

We have received information that the SoapUI application from the provider Smartbear is affected by the vulnerability. Further information on this can be found on the website of the manufacturer Smartbear:

The manufacturer Oracle also provides patches for its databases. Further information on this can be found on the website of the manufacturer Oracle:

We generally recommend that our customers also check other instances of the IT infrastructure for the vulnerability. Many manufacturers have already published corresponding security advisories. Continuously updated information on affected components can also be found on the BSI website:


Your IT infrastructure - in safe hands with us

If you need support in checking your IT infrastructure, our experienced experts will be happy to provide you with further advice. If required, we are also happy to offer you comprehensive support for your IT infrastructure. With the various managed monitoring solutions of OAS AG for a proactive monitoring of your IT infrastructure and end devices you receive an effective and efficient prevention against viruses, spyware, ramsomware and trojans.

For further questions, please contact our support.

Your contact to OAS AG

Are you interested in more information about OAS AG? Do you want to ask for a quotation? Do you have questions about one of our business segments? Or do you need support on your hardware, software, or infrastructure? Please do not hesitate to contact us. We will be pleased to help you!

Contact