Dear Team,
recently I known about a critical vulnerability that can be exploited on the apache server log4j library.
Is your server running the log4j? Can you please update on this threat?
Thank you,
Andrea
I am running Ragic DB on my QNAP NAS. Now i was reading QNAP disabled Ragic as it is affected:
https://www.qnap.com/en/security-advisory/QSA-21-48
I already use the last patch from december 7th of 2021.
Is the vulnerability still there or is it already closed?
Thanks in advance
Werner Tröger
We will need to check with QNAP on why the security advisory was posted. Ragic does not use log4j related library, and has been scan and tested to make sure we are not affected by this vulnerbility.
Thanks for the information - good to know there´s no need to worry about this vulnerability.
Hope QNAP will change back to offer Ragic! through their App Store - maybe even with an updated package.